Solutions Checklist

[Update: Added source mapping and original spreadsheet]

Click on the worksheet below to view a compiled checklist of mandatory security solutions, an ecosystem if you will, that supplement and enable the comprehensive technical control set required by common regulations and standards.

Importantly, this list is based upon published authoritative standards and regulations. Somebody out there is looking at this list and wondering why their favorite product or solution is missing. In many cases it's because they need to justify a particular product they sell. In other cases, they don't believe this list adequately reflects the risk for many environments.

The short answer is that if you want change, you need to get in front of the standards bodies and convince them of the changes you're looking for. If you want to restate the need for your product or solution in the context of risk mitigation and application of an RMF, then we agree. There are several controls I would add to this list for my own environment, and I encourage you to consider what additional controls may be necessary to protect your own data.

The original spreadsheet, titled "Compliance and Security Solutions Crosswalk", is available for download.

Solution Set Requirements Map 