Amazon cover image
Image from Amazon.com

Information technology security audit guidebook for NIST SP 800-171 / Mark A. Russo

By: Material type: TextTextPublication details: Washington : Syber-Risk.com, c2020Edition: Second EditionDescription: 257 pages ; 21 pagesISBN:
  • 9781726674904
Subject(s): LOC classification:
  • QA 76.9.A93 .R87 2020
Contents:
For NIST 800-171 Security Auditors -- Elements of good Audit practice -- Current NIST 800+171 Contract direction and development -- Why pursue an expansion of NIST-based cybersecurity standards? -- People-Process-Technology PPT Model -- More about artifacts and POAMs -- All things considered -- How to use this book -- ACCESS CONTROL -- AWARENESS & TRAINING (AT) -- AUDIT AND ACCOUNTABILITY (AU) -- CONFIGURATION MANAGEMENT (CM) -- IDENTIFICATION AND AUTHENTICATION (IA) -- INCIDENT RESPONSE (IR) -- MAINTENANCE (MA) -- MEDIA PROTECTION (MP) -- PERSONNEL SECURITY (PS) -- PHYSICAL PROTECTION (PP) -- RISK ASSESSMENT (RA) -- SECURITY ASSESSMENT (SA) -- SYSTEM AND COMMUNICATIONS PROTECTION (SC) -- SYSTEM AND INFORMATION INTEGRITY (SI) -- CONSCLUSION.
Summary: This book is designed to walk the auditor through each of the 110 controls with a thorough understanding of whether a control is met or not. There is no "partial credit." While the process is subjective, the assessor must make a reasonable determination that the system owner understands and can demonstrate his company or agency's compliance with NIST 800-171. We include a compliance checklist designed to build out a record of the audit. This has been one of our most sought books on the evolving state of NIST 800-171.
Item type: Books
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Home library Collection Call number Copy number Status Date due Barcode
Books Books National University - Manila LRC - Annex II General Circulation Accountancy GC QA 76.9.A93 .R87 2020 (Browse shelf(Opens below)) c.1 Available NULIB000018417

For NIST 800-171 Security Auditors -- Elements of good Audit practice -- Current NIST 800+171 Contract direction and development -- Why pursue an expansion of NIST-based cybersecurity standards? -- People-Process-Technology PPT Model -- More about artifacts and POAMs -- All things considered -- How to use this book -- ACCESS CONTROL -- AWARENESS & TRAINING (AT) -- AUDIT AND ACCOUNTABILITY (AU) -- CONFIGURATION MANAGEMENT (CM) -- IDENTIFICATION AND AUTHENTICATION (IA) -- INCIDENT RESPONSE (IR) -- MAINTENANCE (MA) -- MEDIA PROTECTION (MP) -- PERSONNEL SECURITY (PS) -- PHYSICAL PROTECTION (PP) -- RISK ASSESSMENT (RA) -- SECURITY ASSESSMENT (SA) -- SYSTEM AND COMMUNICATIONS PROTECTION (SC) -- SYSTEM AND INFORMATION INTEGRITY (SI) -- CONSCLUSION.

This book is designed to walk the auditor through each of the 110 controls with a thorough understanding of whether a control is met or not. There is no "partial credit." While the process is subjective, the assessor must make a reasonable determination that the system owner understands and can demonstrate his company or agency's compliance with NIST 800-171. We include a compliance checklist designed to build out a record of the audit. This has been one of our most sought books on the evolving state of NIST 800-171.

There are no comments on this title.

to post a comment.