follow up reply to the discussion post below just half page

You have explained why the company needs to employ a cybersecurity framework based on NIST and families of control that are described in the NIST SP 800-53. I agree with you that the company is lacking in internal controls and what kind of controls can be used to reduce or mitigate the mentioned risk? This assignment was for you to recommend IT security controls and you recommended implementing NIST but I would have added more details. For example, to prevent such incidents and using NIST families of controls, AU (Audit and Accountability) and CP (Contingency Planning) should be used to deter such deficiencies. In more detail, audit management software can be used to leave records of events that occurred. This will deter criminal activities by using company IT assets. Also, I want to point out that using a proper business memorandum format to address the recommendation per assignment’s description.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *