Writing a Cybersecurity Accreditation Package: A 21st Century NIST-based & CMMC Roadmap (The Complete Nist 800-171 Security Assessors' Package, Band 2) - Softcover

Buch 2 von 4: The Complete NIST 800-171 Security Assessors' Package

RUSSO CISSP-ISSAP, MARK A.

 
9798615183973: Writing a Cybersecurity Accreditation Package: A 21st Century NIST-based & CMMC Roadmap (The Complete Nist 800-171 Security Assessors' Package, Band 2)
Softcover
ISBN 13: 9798615183973
Verlag: Independently published, 2020

Inhaltsangabe

IF YOU ARE WRITING AN ACCREDITATION PACKAGE FOR NIST 800-171 OR CMMC, THIS BOOK IS DESIGNED FOR THE COMPANY LEADERSHIP AND ITS IT STAFF TO BE SUCCESSFUL...

IT WILL SAVE YOU TIME AND HEADACHES...THIS IS A HOW-TO, NOT A "50,000 FOOT VIEW" BOOK!

Introducing the Security Authorization Development Package Model (SADP-M). I hope this helps you create a fully auditable and complete package under the base NIST 800-171 and the Cybersecurity Maturity Model Certification (CMMC) process emerging from the Department of Defense (DOD). I have added CMMC control traceability for Levels 1 through 3 in this version. This model introduces the Global Cybersecurity Policy (G-CSP). It forms the starting point for required accreditation documentation under NIST 800-171, applicable to CMMC. This is a defined process to help create auditable packages for accreditation. The assigned IT professional or ISSO will subsequently populate and provide answers for the auditor in the G-CSP. After this work is completed, the ISSO will begin to "strip out" the other documents, including the SSP, CSP, POAM, etc. One of the most common requests I receive from my readers is help in creating an effective Cybersecurity Policy (CSP). I initially was focused on the two major technical parts of the NIST 800-171 accreditation package, the System Security Plan (SSP) and Plans of Action and Milestones (POAM). I consider the CSP more a Human Resources effort that focuses on the people side of the People-Process-Technology Triad, but no less critical. Fortunately, I have recently been able to dedicate the time to develop what I describe as an onion approach to create a CSP. I describe a GLOBAL CSP as a base document that the cybersecurity professional can strip out the SSP, the final CSP, and several other vital cybersecurity documents needed to manage any IT system.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.

Verlag
Independently published
Erscheinungsdatum
2020
Sprache
Englisch
ISBN 13 
9798615183973
Einband
Taschenbuch
Anzahl der Seiten
293
Kontakt zum Hersteller
Manufactured by Amazon on behalf of the author
https://www.amazon.de/hz/contact-us

c/o Amazon Media EU S.à.r.l., 38 Avenue John F. Kennedy
Luxembourg
L-1855
Luxemburg