ISO 27002, NIST 800-53, Cyber Security Framework (CSF) Information Security Program



NIST-Based Written Information Security Program (WSP)

  • NIST 800-53 based cybersecurity policies & standards in an editable Microsoft Word format.
  • The WISP addresses the “why?” and “what?” questions in an audit, since policies and standards form the foundation for your cybersecurity program.
  • Each of the NIST 800-53 rev4 families has a policy associated with it, so there is a total of 26 policies.
  • Under each of the policies are standards that support those policy statements. These standards equate to the moderate control set from NIST 800-53 rev 4, which is needed for NIST 800-171.