The NIST cybersecurity framework is a list of guidelines and practices designed to help organizations better manage their security programs. It rests on various industry best practices and standards like ISO 27001 and the Control Objectives for Information and Related Technologies (COBIT) 5 (refer to the topic Resources to learn more about these standards). This framework discusses critical security activities that can be tailored and customized to your organization’s unique needs.

prepare and present a report to management. In your report discuss how you would incorporate these critical security activities into the following steps:

1. Determine current/recent risks or threats to information security.
2. Develop system-specific plans for the protection of intellectual property.
3. Apply the security model to protect the organization from being compromised by unauthorized users.
4. Determine the access control mechanisms that would apply to ensure information is protected against unauthorized users.

PART C= Third paragraph and conclusion
Outline and explain the roles of the following personnel in the planning and managing of this security:

1. Board of Directors
2. Senior Management
3. Chief Information Security Officer (CISO)
4. IT Management (CIO, IT Director, etc.)
5. Functional Area Management
6. Information Security personnel