Information Security - Sources of Standards

Sources of Standards

The International Organization for Standardization (ISO) is a consortium of national standards institutes from 157 countries, coordinated through a secretariat in Geneva, Switzerland. ISO is the world's largest developer of standards. ISO 15443: "Information technology - Security techniques - A framework for IT security assurance", ISO/IEC 27002: "Information technology - Security techniques - Code of practice for information security management", ISO-20000: "Information technology - Service management", and ISO/IEC 27001: "Information technology - Security techniques - Information security management systems - Requirements" are of particular interest to information security professionals.

The USA National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the U.S. Department of Commerce. The NIST Computer Security Division develops standards, metrics, tests and validation programs, and publishes standards and guidelines to increase secure IT planning, implementation, management and operation. NIST is also the custodian of the USA Federal Information Processing Standard publications (FIPS).

The Internet Society (ISOC) is a professional membership society with more than 100 organizational and over 20,000 individual members in over 180 countries. It provides leadership in addressing issues that confront the future of the Internet, and is the organizational home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB). The ISOC hosts the Requests for Comments (RFCs), which include the Official Internet Protocol Standards and the RFC-2196 Site Security Handbook.

The Information Security Forum is a global nonprofit organization of several hundred leading organizations in financial services, manufacturing, telecommunications, consumer goods, government, and other areas. It undertakes research into information security practices and offers advice in its biannual Standard of Good Practice and more detailed advisories for members.

The IT Baseline Protection Catalogs, or IT-Grundschutz Catalogs, ("IT Baseline Protection Manual" before 2005) are a collection of documents from the German Federal Office for Security in Information Technology (FSI), useful for detecting and combating security-relevant weak points in the IT environment (IT cluster). The collection encompasses over 3000 pages with the introduction and catalogs.
