Jointly published on 25 February 2020 by the National Association of Corporate Directors (NACD) and Internet Security Alliance (ISA), this report focuses on five core principles that apply to boards of public companies, private companies, and nonprofit organizations of all sizes and in every industry sector:
This handbook was the first non-government resource to be featured on the U.S. Department of Homeland Security’s US-CERT C3 Voluntary Program website.
Most people don’t realize that security frameworks have plenty of controls in common. Businesses spend a needless amount of time and money duplicating security process in order to comply with each framework. In the attached document from Tugboat Logic, you’ll see where different security frameworks overlap. That way, you can build a sophisticated compliance program for less by collecting evidence once, and applying it to many frameworks.
Version 1.0, published 12 August 2019.