Question: Compare and contrast the following nine security frameworks. - NIST Risk Management Framework (RMF) - NIST Cybersecurity Framework - ISACA IT Risk Management Lifecycle -

Compare and contrast the following nine security frameworks.

- NIST Risk Management Framework (RMF)

- NIST Cybersecurity Framework

- ISACA IT Risk Management Lifecycle

- CIS Top 20 Security Controls

- ISO IEC 27001/27002

- Payment Card Industry Data Security Standard (PCI DSS)

- HITRUST Common Security Framework (HITRUST CSF)

- Cybersecurity Capability Maturity Model (C2M2)

- SSAE18 SOC 1, SOC 2

answer the following four questions.

  1. Is one framework better (i.e., more effective) than the others?
  2. Would the implementation of any of the frameworks have prevented a recent cyber attack in the news?
  3. Could they have reduced the impact to organizations?
  4. Which one would work best for your workplace organization?

Take care to explain and justify your answers.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

As of December 31, Year 1, Moss Company had total cash of $195,000, notes payable of $90,500, and common stock of $84,500. During Year 2, Moss earned $42,000 of cash revenue, paid $24,000 for cash...

Q:

Does the post appropriate answer the question below? The next meeting of the IT Governance board will include a set of orientation briefings for the new members. If you had to make a recommendation...

Q:

Which of the following frameworks is used by most companies as a measuring stick to compare their cybersecurity practices to the threats that they face? Center for Internet Security ( CIS ) Benchmark...

Q:

1. The NIST Risk Management Framework uses the security category (SC) (see chapter 1, sections 1.1.2 and 1.2) as part of the selection of security controls to reflect the impact of cybersecurity...

Q:

Assignment Content Your company, Phoenix Security Services, is a managed security services contractor that consults with U.S. businesses that require assistance in complying with the Sarbanes-Oxley...

Q:

ISSUES IN ACCOUNTING EDUCATION Vol. 26, No. 3 2011 pp. 521-545 American Accounting Association DOI: 10.2308/iace-50031 Breach of Data at TJX: An Instructional Case Used to Study COSO and COBIT, with...

Q:

1. What is an information security standard for organizations that handle credit cards? A. International Organization for Standardization and International Electrotechnical Commission (ISO/IEC)...

Q:

Before submitting your completed templates, work with other students to review their documents, provide feedback, and apply recommendations as appropriate. In your document, mention the...

Q:

Instructions The Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy document (SP800-37) by NIST describes the Risk Management...

Q:

CASE STUDY: THE EQUIFAX DATA BREACH In 2 0 1 7 , Equifax , one of the largest credit reporting agencies in the United States, experienced a massive data breach that exposed the personal and financial...

Q:

1. _____ is a proprietary vulnerability scanner. It is often used by security administrators to find known weaknesses on Mac, Windows, and Linux operating systems. It can also be used for compliance...

Q:

Explain in details the four basic ways in which markets can be segmented internationally.

Q:

TGIF Corp. (TGIF) currently has an ROE of 5%, total assets of $1000 and a dividend payout ratio of 50%. TGIF's beta is currently equal to 2 and they have no debt. The marginal corporate income tax...

Q:

Which of these transactions would not be part of the cash flows from the operating activities section of the statement of cash flows? Group of answer choices sales of product, for cash credit...

Q:

Seved Help 14 Wisconsin Snowmobile Corp. is considering a switch to level production Cost efficiencies would occur under level production, and aftertax costs would decline by $31,500, but inventory...

Q:

=+7 What is the overall cost of the international assignment?

Q:

=+The IHR manager should know who the peer group is of the particular employee considered for assignment so that they can justify the elements of the C&B package.

Q:

=+contract, or moving on to a third country? INTERNATIONAL COMPENSATION, BENEFITS, AND TAXES