You will be responsible for reviewing the POAM and familiarizing yourself with the findings. However, you will only be responsible for auditing two security controls that are found to be non-compliant for the audit that you will perform during this course. Please be aware that once you choose your two specific security controls in this Module, you will continue to build on your analysis of these two controls throughout this course. Therefore, you should be take time to consider which controls you choose. In addition, for your two choices, you must choose:
CRSS Network Diagram.pptx
NOTE: The various frameworks are usually very similar, though differences exist relevant to their industry focus. ISO 27000 and COBIT are meant to focus on private sector compliance, while NIST is focused on public sector.
You can review each framework at:
For this week, you will use the IA security control you chose and in a brief report address the following: