Finding a Framework That Fits

audit and assurance
Author: ISACA
Date Published: 14 September 2020

Enterprises that effectively implement a cybersecurity framework are better able to create value through processes, people and technology. Guided by a framework, organizations can establish their own cybersecurity policies and procedures while adhering to industry best practices.

But before that can be accomplished, an appropriate framework must be selected, which can prove difficult when so many exist that seem to promise the same thing. The topic of frameworks—and how to pick one—can feel overwhelming when they need to be general enough to be used across organizations and not so specific that committing to just one can be restricting.

In ISACA’s “Framework Overload” podcast, cybersecurity experts Dustin Brewer and Frank Downs propose that the reason behind the surplus of frameworks is their nature of being both broad and limiting. They also discuss what exactly comprises a framework and how to choose the right one for your enterprise.

To listen to this podcast, visit the Framework Overload page of the ISACA® website or stream it on Apple Podcasts, Google Play, Podbean, Spotify or Stitcher.