This web page presents a brief Plain English overview of the
Also see NIST Cybersecurity Framework and NIST Privacy Framework.
Part 4 Context asks you to understand your organization and its context before
This means that you need to understand your organization's approach
Part 5 Leadership expects your organization's top management to provide
Part 6 Planning asks you to identify the risks and opportunities that could
It also asks you to assess your organization’s information security risks, to select
Finally, it asks you to establish information security objectives at all relevant
Part 7 Support expects your organization to support its ISMS by providing resources. It asks you to ensure the competence of the people who have an impact on your organization's security and to ensure that they are aware of their responsibilities. It then asks you to figure out how extensive and detailed your organization’s ISMS documents and records need to be. It then asks you to include all necessary documents and records and to manage and control their creation and modification.
Part 8 Operation asks you to establish the processes that your organization
Part 8 also asks you to perform regular information security risk assessments,
Part 9 Evaluation asks you to monitor, measure, analyze, audit, and evaluate your organization's ISMS and to review its suitability, adequacy, and effectiveness at planned intervals.
Part 10 Improvement asks you to identify nonconformities, to take appropriate
Updated on April 5, 2021. First published on November 12, 2013.
Praxiom Research Group Limited help@praxiom.com 780-461-4514
Copyright © 2013 - 2021 by Praxiom Research Group Limited. All Rights Reserved.