I’m working on a cyber security discussion question and need an explanation and answer to help me learn.
Week 4: Debate: CSF or RMF? Which is better for managing IT Security Risk?
Many businesses follow NIST guidance for identifying, managing, remediating, and monitoring Information Systems Risk. Some follow the guidance because of contractual mandates (i.e. they’re under contract to the US Federal Government). Other businesses follow the NIST guidance because it represents “best practices” and is a widely accepted source of guidance.
Write a 3 to 5 paragraph position statement in which you identify and describe 3 to 5 contributions that your chosen framework (CSF or RMF) will make to effective management of enterprise IT risK, in addition sum up your paper with a detailed conclusion paragraph.
0 comments