The federal and private sector organization is considering ISO/IEC 27001:2013 certification and currently holds a Level 3 strategic alignment organizational alignment maturity (established policies, procedures, and SOPs).
computer science
Description
The
federal and private sector organization is considering ISO/IEC 27001:2013
certification and currently holds a Level 3 strategic alignment organizational
alignment maturity (established policies, procedures, and SOPs). The
organization requires additional work to obtain an optimized state and you have
been asked to lead the effort to get them there.
In 1,000-word paper, describe
the steps you would use to help the organization begin to prepare for this
certification. Make sure to address the following:
- What is the organizational
readiness for certification? Review the Strategic Alignment Maturity Model
Levels for this portion.
- How many members of your
internal audit team will you need to perform the risk assessment? How long
will the risk assessment take?
- What internal technology teams
and other key stakeholders will you need to engage?
- Provide a
brief description of the ISO/IEC 27001:2013 or FISMA certification process
(dependent on sector type chosen). (I choose healthcare)
Make
sure to reference academic or NIST official publications (most current year
available via the Internet) or other relevant sources published within the last
5 years.
APA
format 7th edition
