NIST Cybersecurity Framework A Complete Guide - 2020 Edition
()
About this ebook
Have the concerns of stakeholders to help identify and define potential barriers been obtained and analyzed? Is there a business case where additional cyber security risks are involved? Does a breach notification obligation relate to the obligations in the Cyber Security Directive? Who is responsible for cybersecurity? Where do you go to learn about cybersecurity threats and trends?
Defining, designing, creating, and implementing a process to solve a challenge or meet an objective is the most valuable role… In EVERY group, company, organization and department.
Unless you are talking a one-time, single-use project, there should be a process. Whether that process is managed and implemented by humans, AI, or a combination of the two, it needs to be designed by someone with a complex enough perspective to ask the right questions. Someone capable of asking the right questions and step back and say, 'What are we really trying to accomplish here? And is there a different way to look at it?'
This Self-Assessment empowers people to do just that - whether their title is entrepreneur, manager, consultant, (Vice-)President, CxO etc... - they are the people who rule the future. They are the person who asks the right questions to make NIST Cybersecurity Framework investments work better.
This NIST Cybersecurity Framework All-Inclusive Self-Assessment enables You to be that person.
All the tools you need to an in-depth NIST Cybersecurity Framework Self-Assessment. Featuring 911 new and updated case-based questions, organized into seven core areas of process design, this Self-Assessment will help you identify areas in which NIST Cybersecurity Framework improvements can be made.
In using the questions you will be better able to:
- diagnose NIST Cybersecurity Framework projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices
- implement evidence-based best practice strategies aligned with overall goals
- integrate recent advances in NIST Cybersecurity Framework and process design strategies into practice according to best practice guidelines
Using a Self-Assessment tool known as the NIST Cybersecurity Framework Scorecard, you will develop a clear picture of which NIST Cybersecurity Framework areas need attention.
Your purchase includes access details to the NIST Cybersecurity Framework self-assessment dashboard download which gives you your dynamically prioritized projects-ready tool and shows your organization exactly what to do next. You will receive the following contents with New and Updated specific criteria:
- The latest quick edition of the book in PDF
- The latest complete edition of the book in PDF, which criteria correspond to the criteria in...
- The Self-Assessment Excel Dashboard
- Example pre-filled Self-Assessment Excel Dashboard to get familiar with results generation
- In-depth and specific NIST Cybersecurity Framework Checklists
- Project management checklists and templates to assist with implementation
INCLUDES LIFETIME SELF ASSESSMENT UPDATES
Every self assessment comes with Lifetime Updates and Lifetime Free Updated Books. Lifetime Updates is an industry-first feature which allows you to receive verified self assessment updates, ensuring you always have the most accurate information at your fingertips.
Read more from Gerardus Blokdyk
Logistics and Supply Chain Management Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5HR Analytics Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5SAP HANA Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsData Governance Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsSAP SD Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5ISO 27001 Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsKey Performance Indicator KPI Standard Requirements Rating: 4 out of 5 stars4/5SAP MM Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5ISO 14644 A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsQuality Assurance Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5Project Management Office PMO Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5ISO 45001 Second Edition Rating: 4 out of 5 stars4/5Power BI A Complete Guide Rating: 3 out of 5 stars3/5Enterprise Risk Management Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5ISO 26262 Complete Self-Assessment Guide Rating: 3 out of 5 stars3/5SAP Supply Chain Management Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsSAP PM Complete Self-Assessment Guide Rating: 1 out of 5 stars1/5SAP CO Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsMicrosoft Dynamics 365 For Finance And Operations A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsNational Electrical Code Second Edition Rating: 0 out of 5 stars0 ratingsSWOT Analysis A Complete Guide - 2019 Edition Rating: 5 out of 5 stars5/5TOGAF Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsReliability Centered Maintenance Rcm Complete Self-Assessment Guide Rating: 3 out of 5 stars3/5Human resource management Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5Ux UI design Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5Python Data Structures and Algorithms Complete Self-Assessment Guide Rating: 5 out of 5 stars5/5Financial audit Complete Self-Assessment Guide Rating: 4 out of 5 stars4/5AUTOSAR Complete Self-Assessment Guide Rating: 3 out of 5 stars3/5Root-cause analysis Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsISO IEC 17025 A Clear and Concise Reference Rating: 5 out of 5 stars5/5
Related to NIST Cybersecurity Framework A Complete Guide - 2020 Edition
Related ebooks
NIST Cybersecurity Framework A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsCybersecurity Policy A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsCyber Security Incident Response A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsCyber Security Policy A Complete Guide - 2020 Edition Rating: 5 out of 5 stars5/5Cybersecurity ISMS Policies And Procedures A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsCyber Security Awareness A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsCyber Security Threat Intelligence A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsNIST Cybersecurity Framework: A pocket guide Rating: 0 out of 5 stars0 ratingsCybersecurity Risk Management A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsManaging Cybersecurity Risk: Cases Studies and Solutions Rating: 5 out of 5 stars5/5Cyber Incident Response Plan A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsManaging Cybersecurity Risk: Book 3 Rating: 0 out of 5 stars0 ratingsNine Steps to Success: North American edition: An ISO 27001 Implementation Overview Rating: 0 out of 5 stars0 ratingsBuilding an Effective Cybersecurity Program, 2nd Edition Rating: 0 out of 5 stars0 ratingsBuilding Effective Cybersecurity Programs: A Security Manager’s Handbook Rating: 4 out of 5 stars4/5Cyber-security regulation Third Edition Rating: 0 out of 5 stars0 ratingsIntroduction to US Cybersecurity Careers Rating: 3 out of 5 stars3/5The Cybersecurity Maturity Model Certification (CMMC) – A pocket guide Rating: 0 out of 5 stars0 ratingsSecurity Operations Center - SIEM Use Cases and Cyber Threat Intelligence Rating: 0 out of 5 stars0 ratingsCybersecurity Operations Handbook Rating: 5 out of 5 stars5/5Cybersecurity 2021 Rating: 0 out of 5 stars0 ratingsInformation Security for Small and Midsized Businesses Rating: 0 out of 5 stars0 ratingsCyber Security Risk Management Complete Self-Assessment Guide Rating: 0 out of 5 stars0 ratingsCybersecurity ABCs: Delivering awareness, behaviours and culture change Rating: 0 out of 5 stars0 ratingsOperationalizing Information Security: Putting the Top 10 SIEM Best Practices to Work Rating: 0 out of 5 stars0 ratingsThe Information Systems Security Officer's Guide: Establishing and Managing a Cyber Security Program Rating: 0 out of 5 stars0 ratingsThe Manager’s Guide to Cybersecurity Law: Essentials for Today's Business Rating: 5 out of 5 stars5/5CISM A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCISSP Study Guide Rating: 0 out of 5 stars0 ratingsSecurity Controls Evaluation, Testing, and Assessment Handbook Rating: 5 out of 5 stars5/5
Business For You
The Intelligent Investor, Rev. Ed: The Definitive Book on Value Investing Rating: 4 out of 5 stars4/5The Richest Man in Babylon: The most inspiring book on wealth ever written Rating: 5 out of 5 stars5/5How to Write a Grant: Become a Grant Writing Unicorn Rating: 5 out of 5 stars5/5Crucial Conversations: Tools for Talking When Stakes are High, Third Edition Rating: 4 out of 5 stars4/5Becoming Bulletproof: Protect Yourself, Read People, Influence Situations, and Live Fearlessly Rating: 4 out of 5 stars4/5The Book of Beautiful Questions: The Powerful Questions That Will Help You Decide, Create, Connect, and Lead Rating: 4 out of 5 stars4/5Your Next Five Moves: Master the Art of Business Strategy Rating: 5 out of 5 stars5/5Emotional Intelligence: Exploring the Most Powerful Intelligence Ever Discovered Rating: 5 out of 5 stars5/5Confessions of an Economic Hit Man, 3rd Edition Rating: 5 out of 5 stars5/5Robert's Rules Of Order Rating: 5 out of 5 stars5/5Carol Dweck's Mindset The New Psychology of Success: Summary and Analysis Rating: 4 out of 5 stars4/5The Everything Guide To Being A Paralegal: Winning Secrets to a Successful Career! Rating: 5 out of 5 stars5/5Tools Of Titans: The Tactics, Routines, and Habits of Billionaires, Icons, and World-Class Performers Rating: 4 out of 5 stars4/5Crucial Conversations Tools for Talking When Stakes Are High, Second Edition Rating: 4 out of 5 stars4/5Law of Connection: Lesson 10 from The 21 Irrefutable Laws of Leadership Rating: 4 out of 5 stars4/5The Five Dysfunctions of a Team: A Leadership Fable, 20th Anniversary Edition Rating: 4 out of 5 stars4/5Just Listen: Discover the Secret to Getting Through to Absolutely Anyone Rating: 4 out of 5 stars4/5Collaborating with the Enemy: How to Work with People You Don’t Agree with or Like or Trust Rating: 4 out of 5 stars4/5Capitalism and Freedom Rating: 4 out of 5 stars4/5Real Artists Don't Starve: Timeless Strategies for Thriving in the New Creative Age Rating: 4 out of 5 stars4/5Set for Life: An All-Out Approach to Early Financial Freedom Rating: 4 out of 5 stars4/5The Catalyst: How to Change Anyone's Mind Rating: 4 out of 5 stars4/5
Reviews for NIST Cybersecurity Framework A Complete Guide - 2020 Edition
0 ratings0 reviews
Book preview
NIST Cybersecurity Framework A Complete Guide - 2020 Edition - Gerardus Blokdyk
NIST Cybersecurity Framework
Complete Self-Assessment Guide
The guidance in this Self-Assessment is based on NIST Cybersecurity Framework best practices and standards in business process architecture, design and quality management. The guidance is also based on the professional judgment of the individual collaborators listed in the Acknowledgments.
Notice of rights
You are licensed to use the Self-Assessment contents in your presentations and materials for internal use and customers without asking us - we are here to help.
All rights reserved for the book itself: this book may not be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.
The information in this book is distributed on an As Is
basis without warranty. While every precaution has been taken in the preparation of he book, neither the author nor the publisher shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the products described in it.
Trademarks
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations appear as requested by the owner of the trademark. All other product names and services identified throughout this book are used in editorial fashion only and for the benefit of such companies with no intention of infringement of the trademark. No such use, or the use of any trade name, is intended to convey endorsement or other affiliation with this book.
Copyright © by The Art of Service
http://theartofservice.com
service@theartofservice.com
About The Art of Service
The Art of Service, Business Process Architects since 2000, is dedicated to helping stakeholders achieve excellence.
Defining, designing, creating, and implementing a process to solve a stakeholders challenge or meet an objective is the most valuable role… In EVERY group, company, organization and department.
Unless you’re talking a one-time, single-use project, there should be a process. Whether that process is managed and implemented by humans, AI, or a combination of the two, it needs to be designed by someone with a complex enough perspective to ask the right questions.
Someone capable of asking the right questions and step back and say, ‘What are we really trying to accomplish here? And is there a different way to look at it?’
With The Art of Service’s Standard Requirements Self-Assessments, we empower people who can do just that — whether their title is marketer, entrepreneur, manager, salesperson, consultant, Business Process Manager, executive assistant, IT Manager, CIO etc... —they are the people who rule the future. They are people who watch the process as it happens, and ask the right questions to make the process work better.
Contact us when you need any support with this Self-Assessment and any help with templates, blue-prints and examples of standard documents you might need:
http://theartofservice.com
service@theartofservice.com
Included Resources - how to access
Included with your purchase of the book is the NIST Cybersecurity Framework Self-Assessment Spreadsheet Dashboard which contains all questions and Self-Assessment areas and auto-generates insights, graphs, and project RACI planning - all with examples to get you started right away.
How? Simply send an email to
access@theartofservice.com
with this books’ title in the subject to get the NIST Cybersecurity Framework Self Assessment Tool right away.
You will receive the following contents with New and Updated specific criteria:
•The latest quick edition of the book in PDF
•The latest complete edition of the book in PDF, which criteria correspond to the criteria in...
•The Self-Assessment Excel Dashboard, and...
•Example pre-filled Self-Assessment Excel Dashboard to get familiar with results generation
•In-depth specific Checklists covering the topic
•Project management checklists and templates to assist with implementation
INCLUDES LIFETIME SELF ASSESSMENT UPDATES
Every self assessment comes with Lifetime Updates and Lifetime Free Updated Books. Lifetime Updates is an industry-first feature which allows you to receive verified self assessment updates, ensuring you always have the most accurate information at your fingertips.
Get it now- you will be glad you did - do it now, before you forget.
Send an email to access@theartofservice.com with this books’ title in the subject to get the NIST Cybersecurity Framework Self Assessment Tool right away.
Purpose of this Self-Assessment
This Self-Assessment has been developed to improve understanding of the requirements and elements of NIST Cybersecurity Framework, based on best practices and standards in business process architecture, design and quality management.
It is designed to allow for a rapid Self-Assessment to determine how closely existing management practices and procedures correspond to the elements of the Self-Assessment.
The criteria of requirements and elements of NIST Cybersecurity Framework have been rephrased in the format of a Self-Assessment questionnaire, with a seven-criterion scoring system, as explained in this document.
In this format, even with limited background knowledge of NIST Cybersecurity Framework, a manager can quickly review existing operations to determine how they measure up to the standards. This in turn can serve as the starting point of a ‘gap analysis’ to identify management tools or system elements that might usefully be implemented in the organization to help improve overall performance.
How to use the Self-Assessment
On the following pages are a series of questions to identify to what extent your NIST Cybersecurity Framework initiative is complete in comparison to the requirements set in standards.
To facilitate answering the questions, there is a space in front of each question to enter a score on a scale of ‘1’ to ‘5’.
1 Strongly Disagree
2 Disagree
3 Neutral
4 Agree
5 Strongly Agree
Read the question and rate it with the following in front of mind:
‘In my belief,
the answer to this question is clearly defined’.
There are two ways in which you can choose to interpret this statement;
1.how aware are you that the answer to the question is clearly defined
2.for more in-depth analysis you can choose to gather evidence and confirm the answer to the question. This obviously will take more time, most Self-Assessment users opt for the first way to interpret the question and dig deeper later on based on the outcome of the overall Self-Assessment.
A score of ‘1’ would mean that the answer is not clear at all, where a ‘5’ would mean the answer is crystal clear and defined. Leave emtpy when the question is not applicable or you don’t want to answer it, you can skip it without affecting your score. Write your score in the space provided.
After you have responded to all the appropriate statements in each section, compute your average score for that section, using the formula provided, and round to the nearest tenth. Then transfer to the corresponding spoke in the NIST Cybersecurity Framework Scorecard on the second next page of the Self-Assessment.
Your completed NIST Cybersecurity Framework Scorecard will give you a clear presentation of which NIST Cybersecurity Framework areas need attention.
NIST Cybersecurity Framework
Scorecard Example
Example of how the finalized Scorecard can look like:
NIST Cybersecurity Framework
Scorecard
Your Scores:
BEGINNING OF THE
SELF-ASSESSMENT:
Table of Contents
About The Art of Service8
Included Resources - how to access8
Purpose of this Self-Assessment10
How to use the Self-Assessment11
NIST Cybersecurity Framework
Scorecard Example13
NIST Cybersecurity Framework
Scorecard14
BEGINNING OF THE
SELF-ASSESSMENT:15
CRITERION #1: RECOGNIZE16
CRITERION #2: DEFINE:24
CRITERION #3: MEASURE:36
CRITERION #4: ANALYZE:43
CRITERION #5: IMPROVE:55
CRITERION #6: CONTROL:72
CRITERION #7: SUSTAIN:89
NIST Cybersecurity Framework and Managing Projects, Criteria for Project Managers:133
1.0 Initiating Process Group: NIST Cybersecurity Framework134
1.1 Project Charter: NIST Cybersecurity Framework136
1.2 Stakeholder Register: NIST Cybersecurity Framework138
1.3 Stakeholder Analysis Matrix: NIST Cybersecurity Framework139
2.0 Planning Process Group: NIST Cybersecurity Framework141
2.1 Project Management Plan: NIST Cybersecurity Framework143
2.2 Scope Management Plan: NIST Cybersecurity Framework145
2.3 Requirements Management Plan: NIST Cybersecurity Framework147
2.4 Requirements Documentation: NIST Cybersecurity Framework149
2.5 Requirements Traceability Matrix: NIST Cybersecurity Framework151
2.6 Project Scope Statement: NIST Cybersecurity Framework153
2.7 Assumption and Constraint Log: NIST Cybersecurity Framework155
2.8 Work Breakdown Structure: NIST Cybersecurity Framework157
2.9 WBS Dictionary: NIST Cybersecurity Framework159
2.10 Schedule Management Plan: NIST Cybersecurity Framework162
2.11 Activity List: NIST Cybersecurity Framework164
2.12 Activity Attributes: NIST Cybersecurity Framework166
2.13 Milestone List: NIST Cybersecurity Framework168
2.14 Network Diagram: NIST Cybersecurity Framework170
2.15 Activity Resource Requirements: NIST Cybersecurity Framework172
2.16 Resource Breakdown Structure: NIST Cybersecurity Framework173
2.17 Activity Duration Estimates: NIST Cybersecurity Framework175
2.18 Duration Estimating Worksheet: NIST Cybersecurity Framework177
2.19 Project Schedule: NIST Cybersecurity Framework179
2.20 Cost Management Plan: NIST Cybersecurity Framework181
2.21 Activity Cost Estimates: NIST Cybersecurity Framework183
2.22 Cost Estimating Worksheet: NIST Cybersecurity Framework185
2.23 Cost Baseline: NIST Cybersecurity Framework187
2.24 Quality Management Plan: NIST Cybersecurity Framework189
2.25 Quality Metrics: NIST Cybersecurity Framework191
2.26 Process Improvement Plan: NIST Cybersecurity Framework193
2.27 Responsibility Assignment Matrix: NIST Cybersecurity Framework195