Interdependencies between essential and important entities

  1. Home
  2. Topics
  3. Cybersecurity Policy
  4. NIS Directive
  5. Interdependencies between essential and important entities

ENISA Interdependencies Indicators Tool

Interdependency indicator -
Category
IMPACT
Description
Social impact
Number of Controls
2 Cooperation Group
6 ISO IEC 27002
1 NIST Cybersecurity Framework
2 Cobit5
Mappings to: Cooperation Group (2) ISO IEC 27002 (6) NIST Cybersecurity Framework (1) Cobit5 (2)
NIST Cybersecurity Framework Description EXAMPLE OF IMPLEMENTATION
Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)
Function:
PRProtect
Category:
PR.IPInformation Protection Processes and Procedures
Subcategory:
PR.IP-11Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)
Informative references
 CIS CSC 5, 16
COBIT 5 APO07.01, APO07.02, APO07.03, APO07.04, APO07.05
ISA 62443-2-1:2009 4.3.3.2.1, 4.3.3.2.2, 4.3.3.2.3
ISO/IEC 27001:2013 A.7.1.1, A.7.1.2, A.7.2.1, A.7.2.2, A.7.2.3, A.7.3.1, A.8.1.4
NIST SP 800-53 Rev. 4 PS-1, PS-2, PS-3, PS-4, PS-5, PS-6, PS-7, PS-8, SA-21

Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organisational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.

 There may be a genuine link between social impact as indicator and the specific control of NIST which consists in embedding cybersecurity in human resources practices

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies