Comparison of Information Security frameworks
Guys, I am seeking information on the advantages and disadvantages of different frameworks including NIST, ISO and COBIT. Can anyone kindly assist?
Comments
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□Quick answer as I am a specialist in that domain. In my opinion, we need to know in which kind of environnement you want to implement. Also, do you need to meet a specific compliance check or you just want to have a framework for your security program? If you want some "basic" technical pointer, you could consider CIS Control (formerly SANS Top 20). If you are in Canada, you can also consider the CyberSecure SMB program (13 basics controls for SMB).