The Information Security Strategic Plan and Security Policies are strongly interrelated within an organization’s information security program. The security plan and security policies will drive the foundation and selection of security controls to be implemented within the organization.
Part 1:
write a 1-page summary in Microsoft Word of your comparison chart of Strategic Plans and Security Policies.
Part 2:
Review the control families described in NIST SP 800-53a R4, Assessing Security and Privacy Controls for Federal Information Systems and Organizations.”
Review the CIS Critical Security Controls from your reading “The CIS Critical Security Controls for Effective Cyber Defense.”
Develop a 2- to 3-page matrix using the template provided that accurately maps the CIS Critical Security Controls to the NIST security control families. Note that some CIS Critical Security Controls may map to multiple NIST control families.
Cite all sources using APA guidelines.