The NIST Cybersecurity Framework is designed to help organizations better understand, manage and reduce their cybersecurity risks. However, the framework is not a ‘one size fits all’ solution and its implementation will vary depending upon the nature, size and complexity of the organization, and the types of the information it processes.
Once you’ve implemented the framework, it’s essential to measure the effectiveness of your implementation to understand what works well and where things could be improved. The framework has been designed with flexibility in mind, which will enable you to respond to your measurement results and adjust the framework implementation so it is more effective.
Who will benefit?
- This course will help you:
Identify key benefits of maintenance and measuring - Recognize best practice auditing processes and techniques
- Comprehend the rationale behind the processes and techniques of maintenance and audit
- Establish an understanding of the issues organizations face when maintaining and auditing NIST Framework processes
- Identify the best practice approaches to be adopted when addressing and managing nonconformities
Who should attend?
You should also have an understanding of management systems auditing (any discipline), ideally through attendance at a management system auditing training course.
What will I learn?
By attending this one-day course, you’ll understand why measurement and analysis of the framework implementation is so important and what methods and techniques are available to conduct measurement and analysis activities.
This course will provide you with the knowledge on how to maintain and audit your NIST Cybersecurity Framework implementation. It will enable you and your organization to understand, detect, correct and monitor its effectiveness.
You will be provided with:
- An overview of maintenance and audit
- An explanation of the maintenance and audit activities available to you
- A definition of auditing and a description of audit principles and techniques
- Guidance for reporting issues and nonconformities
What is included?
- Detailed training course notes
- A loan copy of the standard, for use during the course
- Internationally recognized BSI Training Academy certificate
Prior knowledge and learning
You should have knowledge of the NIST Cybersecurity Framework ideally obtained through our NIST Implementation Training Course. You should also have an understanding of management systems auditing (any discipline), ideally through attendance at a management system auditing training course.
We recommend that you have an overall awareness of cyberspace issues and basic understanding of information security principles and terminology.
We also recommend delegates have an understanding of the NIST Cybersecurity Framework implementation currently employed in their organizations, should one exist.
