GRC: NIST CSF Use Case Accelerator. NIST CSF v1.1 or v2.0?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-19-2024 12:52 PM
Greetings,
I have installed "GRC: NIST CSF Use Case Accelerator" (sn_irm_nist_csf) plugin and from what I can see, the security controls that were brought over are of NIST CSF 1.1 version.
Was wondering how can I update this plugin to have access to control objectives for NIST CSF version 2.0?
I installed latest plugin version 18.1.0, but no result on the content of NIST CSF control objectives when it comes to NIST CSF Versino 2.0.
I appreciate your comments and guidance.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-23-2024 10:19 PM
Hi @Valqe I think ServiceNow contains only Version 1.1. Version 2.0 is yet to come may be.
Regards,
Prasanna
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-19-2024 06:55 PM
Hi @Valqe ,
Hi @Valqe ,
The plugin "NIST CSF Use Case Accelerator" does not automatically relate the Citations for Authority document to control objective level, you have to do it manually unfortunately.
You can Navigate to Control Objectives, then add source field to the list and group by source and look for NIST CSF:
Then, you can manually add the associated citations of the Authority document "NIST CSF v2.0" to Control objectives:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-20-2024 11:05 PM
Hi @Valqe ,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-25-2024 08:10 AM
@Valqe the update to the CSF accelerator is coming in the Washington release. Once the Washington release is available the plugin should be updated and you can update your plugin to get access to the 2.0 content