ISO and Control Frameworks
NIST CSF Alignment Practicum
Map detective and preventive controls to NIST CSF outcomes with traceable narratives.
Overview
Teams work through subcategories with explicit evidence anchors. Facilitators stress how to avoid checkbox mapping that falls apart under scrutiny. You will produce a heatmap and a one-page executive storyline suitable for board updates.
What is included
- Heatmapping workshop with dissent capture
- Executive storyline drafting studio
- Peer critique of two sample maps from other industries
- Office hours on KR sector overlays where applicable
- Integration notes for overlapping ISO clauses
Outcomes
- A draft subcategory map with evidence pointers
- A board-ready paragraph explaining residual exposure honestly
- A backlog of mapping fixes ranked by effort
Lead facilitator
Eunji Choi
Lead quality standards instructor with infrastructure background.
Participant questions
Do we need prior NIST experience?
Foundational awareness helps; we provide pre-reads for newcomers.
Is this tied to a certification exam?
No. This is operational mapping practice, not an exam bootcamp.
Can we bring legacy on-prem controls?
Yes. Facilitators help narrate hybrid environments without overselling cloud maturity.
Experience notes
“The heatmapping dissent capture surfaced three double-counted controls we had been bragging about. Painful, accurate, worth it.”