Information Security Manual (ISM) | Cyber.gov.au
This blog is about understanding, auditing, and addressing risk in cloud environments. Systems and architectures are rapidly converging, hiding complexity with additional layers of abstraction. Simplicity is great for operations - as long as risks are understood and appropriately addressed.
Monday, September 19, 2022
Friday, September 16, 2022
SP 800-66 Rev. 2 Reverse Mapped HIPAA - NIST Updated Guidance for Health Care Cybersecurity
Here's a NIST mapping crosswalk between the HIPAA requirements and NIST SP 800-53r5 in a spreadsheet format.
Spreadsheet Here: 2022 HIPAA Crosswalk SP 800-66 ipd Table 12.ver.01.xlsx - Google Drive from Blog Downloads (compliancequickstart.com)
NIST Page: SP 800-66 Rev. 2 (Draft), Implementing the HIPAA Security Rule: Cybersecurity Resources | CSRC (nist.gov)
Publication Link: NIST SP 800-66r2 initial public draft, Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide
I reworked the information from the initial public draft into a spreadsheet that also allows easy importing into different tools. Additionally, I included a direct NIST map, essentially reversing the look-up. Finally, all control IDs are now two digits which allows for proper sorting and lookups with tools inside arrays.
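The reverse look-up and two-digit control IDs described above, as an added Python example that is not part of the original post or the spreadsheet. The function names are hypothetical, the sample rows are constructed rather than copied from Table 12, and padding the enhancement number in parentheses is an assumption about the format.

```python
import re
from collections import defaultdict

# Constructed sample rows (NOT copied from Table 12):
# HIPAA Security Rule citation -> SP 800-53r5 control IDs as commonly written.
SAMPLE_CROSSWALK = {
    "164.308(a)(1)(i)": ["RA-3", "PM-9", "AC-2(1)"],
    "164.308(a)(5)(i)": ["AT-2", "AT-3"],
    "164.312(a)(1)": ["AC-2", "AC-3", "AC-10"],
    "164.312(b)": ["AU-2", "AU-12", "AC-2"],
}

# Two-letter family, control number, optional enhancement in parentheses.
_CONTROL_RE = re.compile(r"^([A-Z]{2})-(\d{1,2})(?:\((\d{1,2})\))?$")


def pad_control_id(control_id):
    """Return the control ID with two-digit numbers, e.g. AC-2(1) -> AC-02(01)."""
    match = _CONTROL_RE.match(control_id.strip().upper())
    if match is None:
        # Fail loudly so a malformed ID never becomes a silent lookup miss.
        raise ValueError(f"unrecognized control ID: {control_id!r}")
    family, number, enhancement = match.groups()
    padded = f"{family}-{int(number):02d}"
    if enhancement is not None:
        # Assumption: enhancement numbers are padded the same way.
        padded += f"({int(enhancement):02d})"
    return padded


def reverse_crosswalk(crosswalk):
    """Invert HIPAA -> NIST into NIST -> HIPAA, keyed by padded control ID."""
    reverse = defaultdict(set)
    for citation, controls in crosswalk.items():
        for control in controls:
            reverse[pad_control_id(control)].add(citation)
    # Plain string sorting is now correct because every number is two digits.
    return {control: sorted(reverse[control]) for control in sorted(reverse)}


if __name__ == "__main__":
    # Unpadded IDs sort AC-10 before AC-2; padded IDs sort numerically.
    print(sorted(["AC-2", "AC-10", "AC-3"]))
    for control, citations in reverse_crosswalk(SAMPLE_CROSSWALK).items():
        print(control, "<-", ", ".join(citations))
```
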
Here's a snapshot of the format: