Posts Tagged ‘NIST 800-53’

Audit of security control and scoping

Filed in Risk Assessment, Security Compliance on Sep.01, 2009

Information Technology Control and Audit The audit is utilized as a tool to check compliance control based on standards such as ISO 27002 or NIST 800-53 etc. Some other terms which are not sometime rigorous audit have been used to asses controls are gap analysis, benchmarking and control review. Scoping sets the boundaries of the […]

Tags: assessment profile, assessment scope, iso 27002, NIST 800-53, security audit, security control, security review, Security Risk Assessment

Comments (1)

Control selection and cost savings

Filed in Security Risk Assessment on Aug.18, 2009

Information Security Risk Analysis In risk management, risk treatment process begins after completion of a comprehensive risk assessment. Once risks have been assessed, risk manager utilize the following techniques to manage the risks • Avoidance (eliminate) • Reduction (mitigate) • Transfer (outsource or insure) • Retention (accept and budget) Now the question is how to […]

Tags: common control, iso 27002, iso assessment, ISO audit, NIST 800-53, NIST audit, risk analysis, Risk Assessment, Risk management

Comments (2)

Managing Risks and NIST 800-53

Filed in Security Risk Assessment on Aug.10, 2009

Image via Wikipedia FISMA Certification & Accreditation Handbook The organizations need to establish security program to manage their day to day risks. Before selecting the controls from standards such as (NIST 800-53 or ISO 27002), organizations need to have complete inventory of the assets involved in the scope. Assets involved in the scope would require […]

Tags: iso 27001, iso 27002, NIST 800-53, PDCA, Risk management

Comments (3)

  • subscribe

  • Advertising

  • Click below to Follow DISC InfoSec blog

      👇           👇           👇

    Follow DISC InfoSec blog

    DISC InfoSec Titles

  • DISC InfoSec Services


    👉 Download a Virtual CISO (#vCISO) and Security Advisory Fact Sheet & Cybersecurity Cheat Sheet

  • Get a Cyber Aware Cheat Sheet now!

  • “Like” our FB DISC InfoSec page

    >>> DISC InfoSec Facebook Page <<<

  • DISC InfoSec Store

    DISC online store for recommended InfoSec products

  • DISC InfoSec Online Services

    DISC InoSec Services
  • Download ISO27k Standards

    vCISO as a service



  • Search DISC InfoSec blog

  • Meta

  • Blogroll

  • Archives

  • Categories

  • Tags

    Business Chief Information Security Officer china CISA CISO Cloud computing cloud security Computer security Credit card cyberwarfare dark web data breach data security facebook Google Hacking Health Insurance Portability and Accountability Act Identity Theft Information Security Information Security Management System International Organization for Standardization isms ISO/IEC 27001 iso 27001 ISO 27001 2013 ISO 27001 2013 Gap Assessment iso 27001 certification iso 27002 Log4j Log4shell Malware Microsoft Payment Card Industry Data Security Standard pci dss Pegasus spyware phishing privacy Ransomware Protection Playbook Risk Assessment Risk management Security Security Risk Assessment Spyware United States vCISO

  • For an InfoSec and Compliance question

    Contact us

    Support us
  • Best Sellers Books in Computer Security

    New Releases in Computer Security