Content library
NSM ICT-SP

Requirements included in the framework

Policy
Linked frameworks
Framework
Tasks
Identify the organisation’s strategy and priorities
1.1.1
NSM ICT Security Principles (Norway)
2
Identify the organisation’s structures and processes for security management
1.1.2
NSM ICT Security Principles (Norway)
7
Identify the organisation’s processes for ICT risk management
1.1.3
NSM ICT Security Principles (Norway)
7
Identify the organisation’s tolerances for ICT risk
1.1.4
NSM ICT Security Principles (Norway)
2
Identify the organisation’s deliverables, information systems and supporting ICT functions
1.1.5
NSM ICT Security Principles (Norway)
6
Identify information processing and data flow
1.1.6
NSM ICT Security Principles (Norway)
5
Establish a process to identify devices and software in use at the organisation
1.2.1
NSM ICT Security Principles (Norway)
2
Establish organisational guidelines for approved devices and software
1.2.2
NSM ICT Security Principles (Norway)
4
Identify devices in use at the organisation
1.2.3
NSM ICT Security Principles (Norway)
4
Identify the software in use at the organisation
1.2.4
NSM ICT Security Principles (Norway)
2
Identify the users of the information systems
1.3.1
NSM ICT Security Principles (Norway)
4
Identify and define the different user categories
1.3.2
NSM ICT Security Principles (Norway)
1
Identify roles and responsibilities linked especially to ICT security
1.3.3
NSM ICT Security Principles (Norway)
2
Include security in the organisation’s procurement process
2.1.1
NSM ICT Security Principles (Norway)
3
Review the service provider’s security when outsourcing
2.1.10
NSM ICT Security Principles (Norway)
6
Procure modern and up-to-date hardware and software
2.1.2
NSM ICT Security Principles (Norway)
2
Prefer ICT products which have been certified and evaluated by a trusted third party
2.1.3
NSM ICT Security Principles (Norway)
1
Reduce the risk of targeted manipulation of ICT products in the supply chain
2.1.4
NSM ICT Security Principles (Norway)
6
Use a secure software development method
2.1.5
NSM ICT Security Principles (Norway)
6
Use separate environments for development, test and production
2.1.6
NSM ICT Security Principles (Norway)
2
Implement adequate testing throughout the development process
2.1.7
NSM ICT Security Principles (Norway)
3
Maintain the software code developed/used by the organisation
2.1.8
NSM ICT Security Principles (Norway)
5
Maintain security responsibility during outsourcing
2.1.9
NSM ICT Security Principles (Norway)
5
Include security in the organisation’s change management process
2.10.1
NSM ICT Security Principles (Norway)
3

Universal cyber compliance language model: Comply with confidence and least effort

In Cyberday, all frameworks’ requirements are mapped into universal tasks, so you achieve multi-framework compliance effortlessly.

Security frameworks tend to share the common core. All frameworks cover basic topics like risk management, backup, malware, personnel awareness or access management in their respective sections.
Cyberday’s universal cyber security language technology creates you a single security plan and ensures you implement the common parts of frameworks just once. You focus on implementing your plan, we automate the compliance part - for current and upcoming frameworks.
Start your free trial