web analytics

NIST Policy Template Guide

Rate this post

The Multi-State Information Sharing & Analysis Center (MS-ISAC) is offering this guide to participants of the Nationwide Cybersecurity Review (NCSR) and MSISAC members, as a resource to assist with the application and advancement of cybersecurity policies.
The policy templates are provided courtesy of the State of New York and the State of California. The templates can be customized and used as an outline of an organizational policy, with additional details to be added by the end user.
The NCSR question set represents the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). This guide gives the correlation between 49 of the NIST CSF subcategories, and applicable policy and standard templates. A NIST subcategory is represented by text, such as “ID.AM-5.” This represents the NIST function of Identify and the category of Asset Management. For additional information on services provided by the Multi-State Information Sharing & Analysis Center (MS-ISAC), please refer to the following page: https://www.cisecurity.org/ms-isac/services/. These policy templates are also mapped to the resources MS-ISAC and CIS provide, open source resources, and free FedVTE training: https://www.cisecurity.org/wp-content/uploads/2019/11/Cybersecurity-
Resources-Guide.pdf.
Disclaimer: These policies may not reference the most recent applicable NIST revision, however may be used as a baseline template for end users. These policy templates are not to be used for profit or monetary gain by any organization.

Views: 2

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

More Latest Published Posts