Which of these still provide you value?

CIS 2028%




4.2k views5 Comments

Director in Finance (non-banking), 10,001+ employees
Should be able to select multiple...
Assistant Director IT Auditor in Education, 10,001+ employees
This depends on the usage in the organization. I like CIS top 20 for testing against best practices configurations, NIST Cybersecurity Framework is a very broad but can use pieces for it in your environment, ITIL the same.
Director of Technology Strategy in Services (non-Government), 2 - 10 employees
I've found ITIL more valuable since I've blended it with eleemtba of TOGAF.

The inputs and outs of both are very similar and they should be done at a joint level.
Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
It’s always a blend (I tend to think most about NIST CSF), but always interested in the ITILv3 or 4 value chain discussion…
CTO in Software, 201 - 500 employees
Agree with the multi-select comment. Also, this is really apples and oranges 🙂 which makes the context a bit confusing. One is a fairly specific set of controls, another is a broad framework for reducing cyber security risk, and the third is a set of best practices for managing a complete lifecycle of IT services. They are largely complementary.

Content you might like

Important solution for today’s way of working52%

Interesting idea to explore for 202242%

Not necessary6%


966 views1 Upvote1 Comment

Just before the renewal5%

A few days in advance35%

A few weeks in advance27%

A few months in advance30%

A few years or more in advance1%


4.5k views2 Upvotes2 Comments