Reply To: OCU ISSO D Week 02 Lesson 05 Discussion

Kevin Mehok

Hello Class,

I feel that we must first ask ourselves, “What is specifically cybersecurity framework?” Frame in the IT realm can literally means countless things. Cybersecurity framework provides a common language and establishes a clear set of standards for cybersecurity professionals (Cisternelli, 2023).

The goal for such framework is to reduce and mitigate cyber criminal activity. This week I have discovered seven different frameworks:

2. ISO27001 & ISO27002
3. SOC2

For the sake of this discussion, let’s pick only two to elaborate upon, shall we?

First let’s discuss SOC2. Service Organization Control (SOC)Type 2; specifies more than 60 compliance requirements and extensive auditing processes for 3rd party systems and controls (Cisternelli, 2023).

Secondly, let’s dive into NERC-CIP North American Electric Reliability Corporation- Critical Infrastructure Protection: Designed to assists folks in the utility and power sector reduce cyber risk and ensure reliability of bulk electric systems (Cisternelli, 2023). The framework consists of a range of controls by categorizing and prioritizing systems critical assets and having recovery plans in place in the event of a cyber attack (Cisternelli, 2023). This framework must implement several vulnerability assessments to stay informed.

This is a super fun topic.

God Bless,



Cisternelli, E. (2023) 7 Cybersecurity Frameworks That Help Reduce Cyber Risk. BitSight;


Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission

error: Alert: Content is protected !!