Interdependency indicator -
NIST Cybersecurity Framework Description EXAMPLE OF IMPLEMENTATION
Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)
Function:
PRProtect
Category:
PR.IPInformation Protection Processes and Procedures
Subcategory:
PR.IP-11Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)
Informative references
 CIS CSC 5, 16
COBIT 5 APO07.01, APO07.02, APO07.03, APO07.04, APO07.05
ISA 62443-2-1:2009 4.3.3.2.1, 4.3.3.2.2, 4.3.3.2.3
ISO/IEC 27001:2013 A.7.1.1, A.7.1.2, A.7.2.1, A.7.2.2, A.7.2.3, A.7.3.1, A.8.1.4
NIST SP 800-53 Rev. 4 PS-1, PS-2, PS-3, PS-4, PS-5, PS-6, PS-7, PS-8, SA-21

Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organisational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.

There may be a genuine link between social impact as indicator and the specific control of NIST which consists in embedding cybersecurity in human resources practices

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information