Key elements as part of the risk management framework

Reference no: EM13767461

Introduction:

The National Institute of Standards and Technology (NIST) replaced the former NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, with NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. The NIST document changed from a certification and accreditation framework to a risk management framework because information security management systems should be regularly reviewed, updated, and maintained. It makes more sense to follow a security life cycle approach (continuous monitoring) than a single, one-time, static certification/accreditation approach.

For this task, you will be using NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach and the attached "Healthy Body Wellness Center Risk Assessment" case study.

You have been hired to apply NIST's risk management framework to the Healthy Body Wellness Center's information systems. You know that the organization has recently had a risk assessment completed that includes recommendations for implementing security controls and mitigating risks. In your new role, you will be assigned a team of people to help you with the task. Your first job is to create a to-do list for the specific tasks outlined in each of the six steps in the risk management framework (RMF).

Task:

A. Discuss key elements that need to be addressed as part of the risk management framework by completing the attached "RMF To-Do List."

B. Create a white paper that compares the ISO 27002, COBIT, NIST, and ITIL frameworks by doing the following:

1. Discuss how each framework is most commonly used.
2. Analyze the purpose of each framework design.
3. Evaluate the strengths of each framework.
4. Evaluate the weaknesses of each framework.
5. Discuss the certification and accreditation process for the frameworks.
6. Discuss when you would choose to use each framework (e.g., ISO 27002 versus COBIT, NIST, or ITIL).

C. When you use sources, include all in-text citations and references in APA format.



All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd