CYB 207 Wk 2 – NIST RMF Step 2: Select Security Controls
As the team leader for Phoenix Security Services’ SureMarket account, you continue your SOX assessment of compliance using the NIST RMF as described in NIST SP 800-37:
- Step 1: Categorize Information Systems
- Step 2: Select Security Controls
- Step 3: Implement Security Controls
- Step 4: Assess Security Controls
- Step 5: Authorize Information System
- Step 6: Monitor Security Controls
Review each security family you identified in Step 1. Use NIST SP 800-53a to determine the specific security controls for each family as they apply to the SureMarket Sarbanes-Oxley Act (SOX) assessment.
Your next task is to complete Step 2 of the NIST RMF process by continuing to document information needed for your presentation to the SureMarket leadership in Part B of the Week 4 assignment.
To prepare your documentation, create a 5- to 6-page table in Microsoft Word mapping each security family to the specific security controls contained within NIST SP 800-53a. Each security family will have more than one security control. Organize your information in a table with the following columns:
- Security Family Area
- Specific Security Controls Within Each Family Area
- Description of Each Security Control
Note: You will use this week’s assignment to help you complete your Week 3 assignment.
Submit your assignment.