For your Module One Project, start by taking the time to familiarize yourself with the POAM and understand how various systems are evaluated against a common set of compliance frameworks. Study the controls in the POAM and review them against NIST frameworks for similar types of controls. In addition, review these security controls against the standards in ISO 27000. Take note of how security controls can be met in diverse ways and still meet overall compliance. With your review of these controls and standards complete, you should feel confident in picking two security controls identified in the POAM listed as being compliant. As part of your audit, you should also review the company’s network. Please review the CRSS Network Diagram.
CRSS Network Diagram.pptx
NOTE: The various frameworks are usually very similar, though differences exist that reflect their industry focus. ISO 27000 and COBIT are meant to focus on private sector compliance, while NIST is focused on the public sector.
You can review each framework at:
For this week, you will use the IA security control you chose and in a brief report address the following: