Published: 04 October 2019
Security and risk management leaders are faced with an array of information security frameworks, control catalogs and processes all intended to inform the design of their security programs. The issue isn’t so much which one you pick but how effectively you implement it.
Included in Full Research
- Recognize That Security Frameworks, Control Catalogs and Security Processes Are Different Elements of Your Security Program
- Identify Industry-Specific Frameworks, Control Catalogs and Security Processes Required by the Organization’s Business Context
- Select a Framework and Controls That Are Consistent With the Security Team’s Capability and the Organization’s Maturity