Abstract
Compliance frameworks provide the link between regulatory mandates and the business practices required to support them. Frameworks provide a model and structure that organizes and categorizes risk and associated internal controls to help organizations monitor and measure the effectiveness of their activities and investments. This goal is typically achieved through a set of control objectives outlined in the framework, which allows the organization to assess the security posture and set goals to improve procedures to protect systems and data. Another significant benefit of leveraging a compliance framework is that it can help an organization prioritize and coordinate activities, not only for a single regulatory mandate but across multiple compliance mandates as well.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2018 Morey J. Haber, Brad Hibbert
About this chapter
Cite this chapter
Haber, M.J., Hibbert, B. (2018). Risk Management Frameworks. In: Asset Attack Vectors. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-3627-7_20
Download citation
DOI: https://doi.org/10.1007/978-1-4842-3627-7_20
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-3626-0
Online ISBN: 978-1-4842-3627-7
eBook Packages: Professional and Applied ComputingProfessional and Applied Computing (R0)Apress Access Books