ABSTRACT

Constructing Practical Systems of Controls

The goal of this chapter is to demonstrate the practical tailoring of a standard framework into an explicit set of everyday controls. In particular, we see how a comprehensive and fully auditable cybersecurity control system (CCS) can be created and certified for compliance using a framework model. That includes the creation of the process and mechanisms for the decomposition, risk-assessment, policy definition, discrete control creation, and maintenance of formal best-practice cybersecurity protection. In order to substantiate this, a real-world example of the implementation of this process will be provided at the end of this chapter.