Comparisons of Information Security Management Frameworks
Today’s economy depends on the secure flow of information within and across organizations. Thus, making information security is an issue of vital importance. A secure and trusted environment for stored and shared information greatly enhances consumer benefits, business performance and productivity, and national security. Conversely, an insecure environment creates the potential for serious damage to governments and corporations that could significantly undermine consumers and citizens. The stakes are particularly high for businesses engaged in critical activities, such as electrical power generation, banking and finance, or healthcare.
It can be very overwhelming for a …show more content…
The decision made to use a particular IT security framework is driven by multiple factors. The type of industry or compliance requirements can be the deciding factors. COBIT is known to be used by publicly traded companies in order to comply with Sarbanes Oxley. The magnum opus of information security frameworks is the ISO 27000 series, because it has applicability in any industry. However, it is best used where the company needs to market information security capabilities through the ISO 27000 certification. The standard required by the United States federal agencies is the NIST SP 800-53. The beauty of this framework is that it could also be used by any company to build technology specific information security plan.
Effective IT security