Copy - Framework Review

Frameworks Review

We covered MANY different frameworks in the last module! Let's start to solidify these concepts and identify what sets them apart.

Start

Part 1

The most common frameworks

This framework is based on five categories: Security, Availability, Process Integrity, Confidentiality, and Privacy

The goal of this framework is to set and enforce security standards for protected health information

The goal of this framework is to regulate how organizations collect, handle, and protect personal data of EU residents.

This framework provides specific requirements and directives for establishing, implementing, and continually maintaining a Privacy Information Management System (PIMS).

Part 2

Industry and location specific frameworks

This framework provides a set of technology standards for online banking that financial institutions must follow. It consists of: Inherent Risk Profile and Cybersecurity Maturity.

This framework is a new certification for all Department of Defense contractors and subcontractors

Any vendor that processes what Microsoft considers as Microsoft Personal Data or Microsoft Confidential Data must be compliant with this framework ;)

This state-specific frameworkgives consumer control over the personal data that businesses collect, how that data is used, and prevents the sale of their data.

This framework ensures all companies that accept, process, store, or transmit credit card information maintain a secure environment.

Part 3

NIST

This framework is a catalog of controls created to address the increasing technological capabilities of national adversaries

This foundational framework organizes basic cybersecurity activies at their highest level

This is a framework that covers the requirements for protecting the confidentiality of Controlled Unclassified Information (CUI)

Congratulations!

uh oh! you were wrong

Try again