Litcius/Paper detail

A High-Level Comparison between the NIST Cyber Security Framework and the ISO 27001 Information Security Standard

Prameet P. Roy

202058 citationsDOI

Abstract

This paper provides a high-level comparison between the National Institute of Standards and Technology's (NIST) Cyber Security Framework and the ISO 27001 Information Security Standard. Pros, cons and the advantages each framework holds over the other and how an organization would select an appropriate framework between CSF and ISO 27001 have been discussed along with a detailed comparison of how major security controls framework/guidelines like NIST SP 800-53, CIS Top-20 and ISO 27002 can be mapped back to each.

Topics & Concepts

NISTInformation security management systemCertified Information Systems Security ProfessionalStandard of Good PracticeITIL security managementInformation systems securityInformation securityComputer scienceComputer securitySecurity serviceCloud computing securityEngineeringInformation systemSecurity information and event managementManagement information systemsOperating systemCloud computingNetwork security policyElectrical engineeringNatural language processingInformation and Cyber SecurityDigital and Cyber ForensicsNetwork Security and Intrusion Detection