Useful Links and Resources

Note: All links are external, they are use for reference only. Use with discretion.

Standards and Guidance

• National Institute of Standards and Technology - NIST - Cybersecurity
• The Committee of Sponsoring Organizations of the Treadway Commission - COSO
• Information Systems Audit and Control Association - ISACA
• International Organization for Standardization - ISO
• ISO 27000 Standard - Information Security Management
• ISO 31000 Standard - Risk Management
• CIS Control
• DES - Data Encryption Standard - NIST Publication
• AES - Advanced Encryption Standard - NIST Publication
• National Information Assurance Partnership
• Government of Canada - Communications Security Establishment - Canadian Common Criteria
• Common Criteria Portal

Frameworks

• ISACA - COBIT (Control Objectives for Information and related Technology)
• ISACA - Risk IT Framework
• ISACA - Val IT Framework
• ISACA - Information Technology Assurance Framework
• COSO - Internal Control — Integrated Framework (2013)
• COSO - Enterprise Risk Management — Integrated Framework (2004)

RFC and Terminology

• RFC Base Home
• Computer Security Terminology

Education and Cetrification

• Information System Security Certification Consortium, Inc. (ISC2)
• SANS (SysAdmin, Audit, Networking, and Security) Institute
• Information Systems Audit and Control Association - ISACA
• Center for Internet Security - CIS
• Open Web Application Security Project - OSASP
• CSO Online Magazine