Security Frameworks
The following is a partial list of sources for security-related frameworks. Their presence here is not an endorsement, just a resource if you are looking for more references.
I have not included links as these change all the time, but an online search will reveal their latest incarnations.
ANSI
Australian Government Protective Security Policy Framework (PSPF)
CIS v7
CISQ
Control Objectives for Information and Related Technologies (COBIT)
COSO
FedRAMP
FISMA
GDPR
HB167 Security Handbook
HIPAA
HITRUST CSF
How to mitigate cyber security incidents (Australian Cyber SecurityCentre; Australian Signals Directorate)
IASME Governance
Infosec Registered Assessors Program (IRAP) | Cyber.gov.au
ISO31000:2018 Risk Management Guidelines (and other standards in the 31000 series)
NERC CIP
NIST 800-53
NIST Cybersecurity Framework
NIST SP 800-12
NIST SP 800-14
NIST SP 800-16
NY DFS
Protective Security Policy Framework (PSPF) - Australian Government
SCAP
SOC 2
TC CYBER
Ten Steps to Cybersecurity (UKNational Cyber Security Centre, GCHQ)
UK HMG Security Policy Framework
Comments