The most valuable asset any entity possesses is information. Technology plays a key role in the management and protection of information from the time it is created up to the moment it is destroyed.

Using COBIT 5 ensures that implementation of the NIST framework will be driven by management and treated as an investment, supported by a business case, with transparent monitoring of the benefits (ROI). Ultimately management must take ownership and engage with service providers and experts. COBIT5 enables a dialogue between management and security experts based on easy to understand security management practices.

The key guiding principles of this approach are to:

Make sure stakeholders understand the context of cybersecurity – ‘de-mystify’

Understand the risks as well as the potential benefits of adopting good practices so there is management buy-in, support, and sustainable solutions

Consider cybersecurity as a part of broader information security as a whole by taking a systematic approach, not a piecemeal ‘plugging of holes’

Initiate a continual improvement approach so that cybersecurity is regularly improved and addressed

Implement security improvements that are guided by the NIST Framework that matches the profile of the enterprise that will minimise security incidents and also enable recovery from any incidents that might occur.

For more information, please see the COBIT 5 NIST – EN V1.1.pdf

Fifalde Consulting is an Accredited Training Organization through PeopleCert

COBIT5 ATO logo

NIST Cybersecurity / COBIT® 5

NIST Cybersecurity / COBIT® 5

-

Tickets

Event Navigation