Difference between revisions of "Workflows"

From Cybersec Standards
Jump to: navigation, search
(Created page with "Building a holistic security program is not a trivial process. However, you can get started by following a simplified workflow and build from there. It is important to rememb...")
 
Line 3: Line 3:
 
It is important to remember that security is a lifecycle. It must be continually maintained and refined.
 
It is important to remember that security is a lifecycle. It must be continually maintained and refined.
  
== Organizational ==
+
== Organizational ==  
* COBIT
+
* COBIT - Governance at an organizational level
* NIST
+
* NIST - Cybersecurity Framework with holistic guidance for different functional areas of the organization.
  
 
== Technical Security ==
 
== Technical Security ==

Revision as of 06:26, 25 July 2020

Building a holistic security program is not a trivial process. However, you can get started by following a simplified workflow and build from there.

It is important to remember that security is a lifecycle. It must be continually maintained and refined.

Organizational

  • COBIT - Governance at an organizational level
  • NIST - Cybersecurity Framework with holistic guidance for different functional areas of the organization.

Technical Security

  • Platform Security
  • App Security
  • Developer Workflow
  • Network Security

Legal Compliance

  • Data Protection Impact Assessment
  • Regional Privacy and Data Security Laws
  • Industry-specific Laws
    • HIPAA
  • Privacy Management
    • Employee Training
    • Consumer Rights

Risk Management

  • Risk Analysis