ISO 27000 series

PCI DSS

NIST

ITIL

To determine the budget for security measures

To decide which parts of a standard to implement

To evaluate the effectiveness of a standard

To compare different standards

Tailoring is about determining the scope of a standard

Tailoring is used to compare different standards

Tailoring is about setting a budget for security

Tailoring involves choosing specific implementations like encryption

The system must be approved by the IT department

The system must be tested for bugs

The system must be certified and accredited

The system must be reviewed by external auditors

Accepting the certification and residual risks

Training staff on security protocols

Conducting a final security audit

Implementing additional security measures