Discipline Diamond Published by Global360 IS
- 2016-01-22
- Posted by: lobath7
- Category: Information Sharing
Many businesses, large and small, have multiple information security good practices, industry requirements and government guidelines to address. Knowing your way around these similar but not alike frameworks and standards is a daunting challenge; adhering to all of them simultaneously is near impossible.
Your business requirement to keep secure and meet mandates is further complicated by multiple updates and additions made by the standards organizations.
Global360 Information Security has developed the IS Discipline Diamond which enables your company to develop good practices in key functional areas so that you can get your company secure and keep it secure with the goal of meeting compliance requirements as you operate. Read further on the Discipline Diamond and download the infographic for reference.
- Focus on the VERB, not the NOUN
Global360 IS has deconstructed the “business of information security” into 20 discrete security disciplines that, when each is put into action, collectively create the functioning machine that every IS organization needs to have functioning continuously. - Everybody has a Security Function to Perform
Information Security is everybody’s business and your leaders, team members, contractors and service providers must know and perform their functions as prescribed. The IS Discipline Diamond provides role-based functions for each of your resources.
- The Diamond Meets Most Requirements
The Global360 Discipline Diamond takes into account NIST 800-53, NIST CSF, ISO27000, PCI DSS, FISMA, NY DFS 500, PCI DSS standards, the CIS CSC- 20 guidelines, and the COBIT Framework. By following Discipline Diamond functions cwill meet these requirements over time. - Continuous Security Posture Assessment
The Global360 Discipline Diamond works in concert with the Continuous Security Improvement process allowing for a periodic “finger on the pulse” of the corporate security posture to be taken with follow-up actions delivered for IS functions/facets.
