Security Frameworks

When working in information security, it is important to understand the common security standards and frameworks. This article gives you some knowledge of the controls specified by ISO/IEC 27001, the Federal Information Processing Standards (FIPS), the NIST Cybersecurity Framework and NIST Special Publication 800-53, as well as COBIT 5.

Business control frameworks

A wide range of frameworks and standards address internal business and inter-business controls, including:

  • SSAE 16
  • ISAE 3402
  • Payment Card Industry Data Security Standard
  • Health Insurance Portability and Accountability Act
  • COBIT 4/5
  • CIS Top-20
  • NIST Cybersecurity Framework