Students compare and contrast multiple compliance frameworks including ISO 27001, California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), and Service Organization Control 2 (SOC 2). They examine selected intersections and redundancies in these frameworks and analyze how to address them in a global context. Their analysis will include examining crosswalks between the NIST RMF and selected frameworks.
Learning Objectives
- Evaluate characteristics of ISO 27001 and CCPA
- Analyze differences between HIPAA, SOC, and PCI
- Compare and contrast ISO 27001 and NIST Risk Management Framework
- Assess similarities and differences between CCPA and NIST Risk Management Framework
- Review HIPAA and NIST Risk Management Framework characteristics
- Design NIST Risk Management Case Study
- Analyze NIST Risk Management Case Study