Project: Information Security Management Systems Guidelines using the National Institute of Standards and Technology (NIST) and Centre for Internet Security (CIS).

Beneficiary Organisation: Oil and Gas Free Zones Authority | https://ogfza.gov.ng/

Project Objective:

• This guideline describes a set of best IT practices intended to ensure the effective implementation of industry-standard requirements for information security management programs.

• This document aims to provide an understanding of the specific, standards-based security controls required by NIST and CIS to guarantee the best cybersecurity program.

Strategic objectives accompanying this guideline are:

• Implementing a robust cybersecurity awareness program and ensuring end-users are informed of the criticality of protecting sensitive information and the risk of mishandling information.

• Implementing adequate security controls to meet the existing information protection needs and demands of the future based on the changing threats landscape and emerging technologies.

• Laying a foundation for developing risk assessment methods internally and procedures for determining the effectiveness of the implemented security controls.