I would like to write research in the field of information security, specifically on the possibility of using the FISM law in organizations.
Can I use this law in private organizations, that is, the private sector?
Can we call this law the FISM model?
Reza Fotohi
https://en.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002
1 votes
0 thanks
Chris Rogers
You can use it although you might consider the Iso accredited NIST model 800-100 series. 800-171 deals with compliance. We use that in the commercial sector at work. If your looking for federal compliance I suggest looking at the DISA STIG https://public.cyber.mil/stigs/ for guidance.
0 votes
0 thanks
More Mohammed Mustafa Hussein's questions See All
Similar questions and discussions