- Summarize DIACAP and ISO27002’s framework and history. - Choosing either DIACA

Question

- Summarize DIACAP and ISO27002’s framework and history.

- Choosing either DIACAP or ISO27002, update your plan to include the following:

1. Describe how and where the framework could be applied.

2. Include a discussion about how and if the concepts could be applied to a government or public company or is there a potential for overlap.

3. Using the framework, show how it can be applied to a medium-sized system.

- Add the discussion about the frameworks and their application to the section titled: Preparing for Certification.

Explanation / Answer

1)

DIACAPis the department of defence information assurance certification and accredation process. DIACAP ensures the companies and organisations information systems to be secure by applying risk managment, patching etc.

DIACAP is created by the department of defence in responce to Federal Information Security Managment Act. This law is for the u.s. national security and to secure the information systems of federal government. This law ensures the. The NSA is responcible for designing the frame work to ensure the security of information systems.

ISO27002:-

ISO27002 implements the security guidelines to implement the information systems in the organisation. It provides many rules to implement the information system. Those are standard rules to address the issues during risk assessment.

ISO 27002 is implemented by International organisation of standardisation and the International electrotechnical commission. These provides the best measures for implementing and maintaining of information security systems to preserve the data confidentialit, reliability and high availability.

Related Questions

Navigate

• Browse (All)
• Browse #
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.