IEF-RA 2.0b2 FTF Avatar
  1. OMG Issue

IEFRA2 — No Mention of Compliance and Industry Standards

Open Closed All
  • Key: IEFRA2-141
  • Status: open  
  • Source: Advanced Systems Management Group Ltd. ( Mr. Michael Abramson)
  • Summary:

    "19.3.6 No Mention of Compliance and Industry Standards
    The section does not reference key cloud security frameworks like:
    ● NIST 800-53 & 800-207 (Zero Trust Architecture)
    ● ISO 27017 (Cloud Security Controls)
    ● CIS Benchmarks for Cloud Providers (AWS, Azure, GCP)
    ● FedRAMP (for government cloud security requirements)

    These frameworks guide organizations in securing cloud environments, and aligning IEF-RA with them would strengthen its credibility.
    Suggest: Add a sentence stating how IEF-RA can support compliance with these frameworks.
    ""IEF-RA aligns with established cloud security frameworks such as NIST 800-207 for Zero Trust and ISO 27017 for cloud security, ensuring interoperability with industry best practices."""
  • Reported: IEF-RA 2.0a1 — Thu, 14 Aug 2025 15:37 GMT
  • Updated: Thu, 14 Aug 2025 15:37 GMT