List of Popular IT Security Standards

by wing

The good news for IT security professionals is that there are a number of IT security standards they can use as a guideline when developing or implementing IT projects. Remember that these standards are well thought out, proven practices that can help your organization meet its information security goals. Only the popular and globally recognized IT security standards are presented in this post.

  • BITS Financial Services Roundtable (www.bits.org/FISAP/index.php): this is a security assessment questionnaire and review process developed using ISO/IEC 27002. (It also contains information on the overlaps between ISO/IEC 27002, PCI-DSS 1.1 and COBIT.)
  • Common Criteria (www.commoncriteriaportal.org/thecc.html): it does not provide any standards. Instead, it gives you a common set of criteria for evaluating your IT security status. These criteria have also been published as ISO/IEC 15408.
  • ISO/IEC 27001:2013: this specifies the standards for an information security management system, and consists of ten short clauses and a long annex. If your organization follows these standards, you can apply for certification to an accredited certification body. But before applying for certification, you need to go through a formal audit process.
  • NIST Special Publication 800-171 series: this is basically a computer security report that addresses general guidelines and research outcomes on computer security, conducted by academia, industry and governments.
  • ISO 27002:2013: this is an information security standard developed by ISO from BS 7799 (the British standard for information security). This standard describes general controls for IS security, which is helpful both for those who implement and for those who manage information systems.
  • COBIT 5: this stands for Control Objectives for Information and Related Technology, which was developed by ISACA for IT governance and management. One of the important parts of COBIT is to provide a set of controls to mitigate IT risk. To complement COBIT, you can use the RISK IT framework, also developed by ISACA, in order to manage all types of risks related to the use of IT.

Note: If you want to learn about ISO standards in simple English, you can use the following link, which explains a list of useful information systems management standards: http://praxiom.com/#ISO_IEC_27001_2005_LIBRARY_

Those who want to explore more specific ISO standards for information security can have a look at the ISO/IEC 27000 series, which is a family of IS management standards. Even if you do not want to spend money on ISO certification or any other accreditation, you can follow these standards in order to enhance the overall security of your IT and related assets.

Copyright © 2010-2023 ·All Rights Reserved · SecurityWing.com