Security and Privacy Controls for Federal Information Systems and Organizations is a well-known NIST publication consisting of a catalog of security and privacy controls used to assist US federal government agencies in meeting the requirements of FISMA and serves as a best practice framework for other, non-federal entities.
NIST controls are organized into 18 different control families, and as the new CCISO you will need to explain at least 9 of these to the CEO and CTO on their meaning, and examples of their implementation in a 12–15-page slide presentation in MS PowerPoint. On the last technical slide, a summary of the NIST Risk Management Framework Please use the following format for the presentation:
Title Slide
Topics of Discussion Slide
Control ID/Family 1
Control ID/Family 2
Control ID/Family 3
Control ID/Family 4
Control ID/Family 5
Control ID/Family 6
Control ID/Family 7
Control ID/Family 8
Control ID/Family 9
RMF 6-step life cycle with the additional "prepare" component
Sample Solution