[Verse 1] Twenty families guard the digital castle walls AC controls who enters, AT trains them all AU watches every keystroke, CA certifies the plan CM manages configurations with a steady hand [Chorus] Eight-oh-three controls, catalog complete Twenty families dancing to the security beat Low-Moderate-High baselines set the scene NIST has the framework for your cyber regime [Verse 2] CP prepares for disasters, IA proves who you are IR responds to incidents, MA maintains from afar MP protects your media, PE secures the space PL writes the blueprints, PM sets the pace [Chorus] Eight-oh-three controls, catalog complete Twenty families dancing to the security beat Low-Moderate-High baselines set the scene NIST has the framework for your cyber regime [Bridge] PS screens your personnel, PT guards privacy's domain RA assesses every risk, SA builds secure by design SC protects communications, SI keeps systems intact SR validates your supply chain, that's a documented fact [Verse 3] Reference in your policy, "implements Rev Five" Control Family Access Control, keeps your network alive Specify the baseline level, enhancement if you need Base definitions cover ground, but extras plant the seed [Chorus] Eight-oh-three controls, catalog complete Twenty families dancing to the security beat Low-Moderate-High baselines set the scene NIST has the framework for your cyber regime [Outro] From assessment to supply chain, every angle's been addressed Eight hundred fifty-three controls put your security to test
← 4 ISO 27001 / Annex A | 6 PIPEDA and Canadian Privacy Requirements →