FYT Task 4

SoccerBoss
Category:
Computer Science

Question description

scenario.docx

 rubic.pdf 

rmf_to_do_list_ctnsrpf.pdf 

healthy_body_wellness_center_risk_assessment_ctnrspf.pdf 

The National Institute of Standards and Technology (NIST) replaced the former NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, with NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. The NIST document changed from a certification and accreditation framework to a risk management framework because information security management systems should be regularly reviewed, updated, and maintained. It makes more sense to follow a security life cycle approach (continuous monitoring) versus a single one-time static certification/accreditation approach.
 
For this task, you will be using NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, and the attached “Healthy Body Wellness Center Risk Assessment” case study.

You have been hired to apply the NIST’s risk management framework to the Healthy Body Wellness Center’s information systems. You know that the organization has recently had a risk assessment completed that includes recommendations for implementing security controls and mitigating risks. In your new role, a team of people will be assigned to help you with the task. The first job you are tasked with is creating a to-do list for the specific tasks outlined in each of the six steps in the risk management framework (RMF).
 
Task:

A.  Discuss key elements that need to be addressed as part of the risk management framework by completing the attached “RMF To-Do List.”

B.  Create a white paper that compares the ISO 27002, COBIT, NIST, and ITIL frameworks by doing the following:

1.  Discuss how each framework is most commonly used.

2.  Analyze the purpose of each framework design.

3.  Evaluate the strengths of each framework.

4.  Evaluate the weaknesses of each framework.

5.  Discuss the certification and accreditation process for the frameworks.

6.  Discuss when you would choose to use each framework (e.g., ISO 27002 versus COBIT, NIST, or ITIL).

C.  When you use sources, include all in-text citations and references in APA format.

