Most people don’t realize that security frameworks have plenty of controls in common. Businesses spend a needless amount of time and money duplicating security process in order to comply with each framework. In the attached document from Tugboat Logic, you’ll see where different security frameworks overlap. That way, you can build a sophisticated compliance program for less by collecting evidence once, and applying it to many frameworks.
Jointly published on 25 February 2020 by the National Association of Corporate Directors (NACD) and Internet Security Alliance (ISA).