SlideShare a Scribd company logo

Information_Governance_Risk_Compliance_Frameworks (v5)

Download as DOCX, PDF
Jason Rusch - CISSP CGEIT CISM CISA GNSA
Jason Rusch - CISSP CGEIT CISM CISA GNSA

This document lists various standards, frameworks, and methodologies for information governance, risk management, regulatory compliance, quality management, risk assessment, risk analysis, vulnerability assessment, and security best practices. It includes well-known standards and guidelines such as COBIT, ISO 27002, NIST 800-53, PCI DSS, HIPAA, SOX, and ITIL.

Career
1 of 1
INFORMATION GOVERNANCE-RISK-SECURITY-COMPLIANCE GOVERNANCE  COBIT - ISACA  ITIL V3 - HM Government  ISO-38500 - ISO  CSF - HITRUST  ITSM - HM Government RISK MANAGEMENT  COSO-ERM - Committee of Sponsoring Orgs  ISO-31000/31010 – ISO  ITAF – ISACA GOVERNMENT  FISMA - Fed Info Security Mgt Act  FIPS – Fed Info Processing Stand (14)  FIPS 200 - Min Security Requirements  CIP 1-9 – NERC CIP-007 Sys Security Mgt.  DIACAP - DoD In Ass Cert Accred. Proces REGULATORY /COMPLIANCE  GLBA – 8 Government Agencies  BASE II - Basel Committee Banking Supervisn  SOX 404 – SEC - Public Acct Oversight Board  SAS 70 / SSAE16 - Auditing Standards Board  PCI-DSS - PCI-SSC  HIPAA - Health and Human Services (HHS)  OMNIBUS RULE – HITECH  SAFE HARBOR  EU DIRECTIVE 95/46  CBPR – Cross Border Privacy Rules (APEC)  E-DISCOVERY  FACTA-RED FLAGS  CALIFORNIA SB 1386 QUALITY MANAGEMENT / SDLC  CMMI - Carnegie-Mellon University Capability Maturity Model Integration  OGRCM3 - SOMAP Open Governance, Risk and Compliance Maturity Management Methodology RISK ASSESSMENT METHODOLOGY  COBRA - C&A Systems Security Consultative, Objective Bi-functional Risk Analysis  OCTAVE - CERT Operationally Critical Threat, Asset, Vuln Eval  CRAMM - CCTA CCTA Risk Analysis and Management Method  SPRINT - Information Security Forum Simplified Process for Risk Identification  SP800-30 - NIST Guide to Conducting Risk Assessments  ISSAF – OISSG Information Sys Sec Assessment Framework  IAM – NSA INFOSEC Assessment Methodology  ISAM – ISAM Information-Sec Assessment Methodology RISK ANALYSIS  FAIR - The Open Group Factor Analysis of information Risk  FRAP - Carnegie-Mellon University Facilitated Risk Analysis Process VULNERABILITY / SECURITY ASSESSMENT  OSSTM - ISECOM Open Source Security Testing Methodology Manual  Common Criteria - ISO/IEC 15408 STANDARDS GUIDELINES BEST PRACTICE  ISO-27002 – ISO  COMMON CRITERIA - App Sec Review  OWASP – Top 10 & Cheat sheets  NIST – ALL  SP800-53 – NIST – Security Management  CIS

Recommended

On The Front Lines Of Incident Respost
On The Front Lines Of Incident RespostOn The Front Lines Of Incident Respost
On The Front Lines Of Incident Respost
AlienVault
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
AlienVault
 
How Malware Works
How Malware WorksHow Malware Works
How Malware Works
AlienVault
 
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
David Kearney
 
The State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHICThe State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHIC
AlienVault
 
Information Governance
Information GovernanceInformation Governance
Information Governance
Lorne Rogers, ECM-M, PMP [Open Networker]
 
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
SAP Solution Extensions
 
Challenges & Benefits In Creating An Information Governance Program
Challenges & Benefits In Creating An Information Governance ProgramChallenges & Benefits In Creating An Information Governance Program
Challenges & Benefits In Creating An Information Governance ProgramKevin Nugent
 

Recommended

On The Front Lines Of Incident Respost
On The Front Lines Of Incident RespostOn The Front Lines Of Incident Respost
On The Front Lines Of Incident Respost
AlienVault
 
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than EverNew USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever
AlienVault
 
How Malware Works
How Malware WorksHow Malware Works
How Malware Works
AlienVault
 
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
Information Governance, Managing Data To Lower Risk and Costs, and E-Discover...
David Kearney
 
The State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHICThe State of Incident Response - INFOGRAPHIC
The State of Incident Response - INFOGRAPHIC
AlienVault
 
Information Governance
Information GovernanceInformation Governance
Information Governance
Lorne Rogers, ECM-M, PMP [Open Networker]
 
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
Information Governance - AIIM Marketing Intelligence Though Leadership Whitep...
SAP Solution Extensions
 
Challenges & Benefits In Creating An Information Governance Program
Challenges & Benefits In Creating An Information Governance ProgramChallenges & Benefits In Creating An Information Governance Program
Challenges & Benefits In Creating An Information Governance ProgramKevin Nugent
 
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
Andrew Harvey BA (Hons), MA, CISMP
 
Governance Risk and Compliance for SAP
Governance Risk and Compliance for SAPGovernance Risk and Compliance for SAP
Governance Risk and Compliance for SAP
PECB
 
Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?
John Mancini
 
Mike2.0 Information Governance Overview
Mike2.0 Information Governance OverviewMike2.0 Information Governance Overview
Mike2.0 Information Governance Overview
sean.mcclowry
 
De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016
TOPdesk
 
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Modern Healthcare
 
What is Information Governance
What is Information GovernanceWhat is Information Governance
What is Information Governance
Atle Skjekkeland
 
What is IT Governance?
What is IT Governance?What is IT Governance?
What is IT Governance?
Mansoor Adenwala
 
Find the Right People
Find the Right PeopleFind the Right People
Find the Right People
LinkedIn Sales Solutions
 
DSS RMF Training.pptx
DSS RMF Training.pptxDSS RMF Training.pptx
DSS RMF Training.pptx
Muhammad Mazhar
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLCDavid W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham
 
RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™
CPaschal
 
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Security architecture
Security architectureSecurity architecture
Security architecture
George Georgovassilis
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
Phil Agcaoili
 
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
akquinet enterprise solutions GmbH
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Safety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: PolicySafety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: Policy
FAA Safety Team Central Florida
 

More Related Content

Viewers also liked

The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
Andrew Harvey BA (Hons), MA, CISMP
 
Governance Risk and Compliance for SAP
Governance Risk and Compliance for SAPGovernance Risk and Compliance for SAP
Governance Risk and Compliance for SAP
PECB
 
Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?
John Mancini
 
Mike2.0 Information Governance Overview
Mike2.0 Information Governance OverviewMike2.0 Information Governance Overview
Mike2.0 Information Governance Overview
sean.mcclowry
 
De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016
TOPdesk
 
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Modern Healthcare
 
What is Information Governance
What is Information GovernanceWhat is Information Governance
What is Information Governance
Atle Skjekkeland
 
What is IT Governance?
What is IT Governance?What is IT Governance?
What is IT Governance?
Mansoor Adenwala
 
Find the Right People
Find the Right PeopleFind the Right People
Find the Right People
LinkedIn Sales Solutions
 

Viewers also liked (9)

The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
The Challenging and Changing Face of NHS Information Governance - Paper Deliv...
 
Governance Risk and Compliance for SAP
Governance Risk and Compliance for SAPGovernance Risk and Compliance for SAP
Governance Risk and Compliance for SAP
 
Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?Information Governance -- Necessary Evil or a Bridge to the Future?
Information Governance -- Necessary Evil or a Bridge to the Future?
 
Mike2.0 Information Governance Overview
Mike2.0 Information Governance OverviewMike2.0 Information Governance Overview
Mike2.0 Information Governance Overview
 
De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016De dienstgeoriënteerde cmdb - SEE 2016
De dienstgeoriënteerde cmdb - SEE 2016
 
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...Webinar: Information Governance - Where is the Healthcare Industry and Where ...
Webinar: Information Governance - Where is the Healthcare Industry and Where ...
 
What is Information Governance
What is Information GovernanceWhat is Information Governance
What is Information Governance
 
What is IT Governance?
What is IT Governance?What is IT Governance?
What is IT Governance?
 
Find the Right People
Find the Right PeopleFind the Right People
Find the Right People
 

Similar to Information_Governance_Risk_Compliance_Frameworks (v5)

DSS RMF Training.pptx
DSS RMF Training.pptxDSS RMF Training.pptx
DSS RMF Training.pptx
Muhammad Mazhar
 
S nandakumar
S nandakumarS nandakumar
S nandakumarIPPAI
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_bangloreIPPAI
 
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLCDavid W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham
 
RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™
CPaschal
 
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Security architecture
Security architectureSecurity architecture
Security architecture
George Georgovassilis
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
Phil Agcaoili
 
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
akquinet enterprise solutions GmbH
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001
 
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Safety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: PolicySafety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: Policy
FAA Safety Team Central Florida
 
The IT Analysis Paralysis
The IT Analysis Paralysis The IT Analysis Paralysis
The IT Analysis Paralysis
PYA, P.C.
 
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
James W. De Rienzo
 
Trust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory ProcessesTrust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory Processes
CASCouncil
 
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015Pw Carey
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
ControlCase
 
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Good-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speedGood-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speed
James '​-- Mckinlay
 

Similar to Information_Governance_Risk_Compliance_Frameworks (v5) (20)

DSS RMF Training.pptx
DSS RMF Training.pptxDSS RMF Training.pptx
DSS RMF Training.pptx
 
S nandakumar
S nandakumarS nandakumar
S nandakumar
 
S nandakumar_banglore
S nandakumar_bangloreS nandakumar_banglore
S nandakumar_banglore
 
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLCDavid W. Graham, CEO, Energy Technology Risk Advisors, LLC
David W. Graham, CEO, Energy Technology Risk Advisors, LLC
 
RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™RiskWatch for Physical & Homeland Security™
RiskWatch for Physical & Homeland Security™
 
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
Usulan utk PT35-01 Teknologi Informasi dan Kualitas Data 19 okt2016
 
Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017Usulanuntukwg1danwg2dandata28 feb2017
Usulanuntukwg1danwg2dandata28 feb2017
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
 
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
SAP Security & Compliance Audits. Find your vulnerabilities before you get hu...
 
Cybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdfCybersecurity Frameworks for DMZCON23 230905.pdf
Cybersecurity Frameworks for DMZCON23 230905.pdf
 
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
Usulan untuk wg1 dan wg2 serta kualitas data pada kaminfo 12 agustus 2015
 
Safety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: PolicySafety Management Systems (SMS) Fundmentals: Policy
Safety Management Systems (SMS) Fundmentals: Policy
 
The IT Analysis Paralysis
The IT Analysis Paralysis The IT Analysis Paralysis
The IT Analysis Paralysis
 
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
 
Trust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory ProcessesTrust Service Providers: Self-Regulatory Processes
Trust Service Providers: Self-Regulatory Processes
 
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015
Senior Independent IT Auditor (GRC), CISSP & CISA_April 28th, 2015
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
 
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
 
Good-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speedGood-cyber-hygiene-at-scale-and-speed
Good-cyber-hygiene-at-scale-and-speed
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
ISO.IEC 27000 Series Map
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Cobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance TopologyCobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
PCI-DSS DESV Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
SOX Titles Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
ITIL v3 Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HITRUST CSF Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
COSO ERM Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
Octave Topology
Octave TopologyOctave Topology
Octave Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
Jason Rusch - CISSP CGEIT CISM CISA GNSA
 

More from Jason Rusch - CISSP CGEIT CISM CISA GNSA (20)

NIST sp800 53-v4 Topology
NIST sp800 53-v4 TopologyNIST sp800 53-v4 Topology
NIST sp800 53-v4 Topology
 
CSA v4 Topology
CSA v4 TopologyCSA v4 Topology
CSA v4 Topology
 
ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013ISO.IEC 27001 27002-2013
ISO.IEC 27001 27002-2013
 
ISO.IEC 27000 Series Map
ISO.IEC 27000 Series MapISO.IEC 27000 Series Map
ISO.IEC 27000 Series Map
 
Cobit v5 High Level Controls Topology
Cobit v5 High Level Controls TopologyCobit v5 High Level Controls Topology
Cobit v5 High Level Controls Topology
 
Cobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance TopologyCobit & ISO 27002 Governance Topology
Cobit & ISO 27002 Governance Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
ISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 TopologyISO.IEC_27001-27002-2013 Topology
ISO.IEC_27001-27002-2013 Topology
 
PCI-DSS DESV Topology
PCI-DSS DESV TopologyPCI-DSS DESV Topology
PCI-DSS DESV Topology
 
DATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLDDATA PROTECTION LAWS OF THE WORLD
DATA PROTECTION LAWS OF THE WORLD
 
Common Security Framework Summary
Common Security Framework SummaryCommon Security Framework Summary
Common Security Framework Summary
 
SOX Titles Topology
SOX Titles TopologySOX Titles Topology
SOX Titles Topology
 
ITIL v3 Topology
ITIL v3 TopologyITIL v3 Topology
ITIL v3 Topology
 
HITRUST CSF Topology
HITRUST CSF TopologyHITRUST CSF Topology
HITRUST CSF Topology
 
HIPAA Topology
HIPAA TopologyHIPAA Topology
HIPAA Topology
 
GLBA Topology
GLBA TopologyGLBA Topology
GLBA Topology
 
COSO ERM Topology
COSO ERM TopologyCOSO ERM Topology
COSO ERM Topology
 
Octave Topology
Octave TopologyOctave Topology
Octave Topology
 
FFIEC I.T. Booklets Topology
FFIEC I.T. Booklets TopologyFFIEC I.T. Booklets Topology
FFIEC I.T. Booklets Topology
 

Recently uploaded

一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
pxyhy
 
'Guidance and counselling- role of Psychologist in Guidance and Counselling.
'Guidance and counselling- role of Psychologist in Guidance and Counselling.'Guidance and counselling- role of Psychologist in Guidance and Counselling.
'Guidance and counselling- role of Psychologist in Guidance and Counselling.
PaviBangera
 
一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理
yuhofha
 
Digital Marketing Training In Bangalore
Digital Marketing Training In BangaloreDigital Marketing Training In Bangalore
Digital Marketing Training In Bangalore
nidm599
 
Brand Identity For A Sportscaster Project and Portfolio I
Brand Identity For A Sportscaster Project and Portfolio IBrand Identity For A Sportscaster Project and Portfolio I
Brand Identity For A Sportscaster Project and Portfolio I
thomasaolson2000
 
New Explore Careers and College Majors 2024
New Explore Careers and College Majors 2024New Explore Careers and College Majors 2024
New Explore Careers and College Majors 2024
Dr. Mary Askew
 
Personal Brand exploration KE.pdf for assignment
Personal Brand exploration KE.pdf for assignmentPersonal Brand exploration KE.pdf for assignment
Personal Brand exploration KE.pdf for assignment
ragingokie
 
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdfDOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
Pushpendra Kumar
 
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
yuhofha
 
Full Sail_Morales_Michael_SMM_2024-05.pptx
Full Sail_Morales_Michael_SMM_2024-05.pptxFull Sail_Morales_Michael_SMM_2024-05.pptx
Full Sail_Morales_Michael_SMM_2024-05.pptx
mmorales2173
 
How Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
How Mentoring Elevates Your PM Career | PMI Silver Spring ChapterHow Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
How Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
Hector Del Castillo, CPM, CPMM
 
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMAMISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
DK PAGEANT
 
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
dsnow9802
 
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdfRECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
AlessandroMartins454470
 
Resumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying OnlineResumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying Online
Bruce Bennett
 
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
pxyhy
 
0624.speakingengagementsandteaching-01.pdf
0624.speakingengagementsandteaching-01.pdf0624.speakingengagementsandteaching-01.pdf
0624.speakingengagementsandteaching-01.pdf
Thomas GIRARD BDes
 
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
atwvhyhm
 
Andrea Kate Portfolio Presentation.pdf
Andrea Kate Portfolio Presentation.pdfAndrea Kate Portfolio Presentation.pdf
Andrea Kate Portfolio Presentation.pdf
andreakaterasco
 
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
2zjra9bn
 

Recently uploaded (20)

一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
一比一原版(SFU毕业证)西蒙弗雷泽大学毕业证如何办理
 
'Guidance and counselling- role of Psychologist in Guidance and Counselling.
'Guidance and counselling- role of Psychologist in Guidance and Counselling.'Guidance and counselling- role of Psychologist in Guidance and Counselling.
'Guidance and counselling- role of Psychologist in Guidance and Counselling.
 
一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理一比一原版(QU毕业证)皇后大学毕业证如何办理
一比一原版(QU毕业证)皇后大学毕业证如何办理
 
Digital Marketing Training In Bangalore
Digital Marketing Training In BangaloreDigital Marketing Training In Bangalore
Digital Marketing Training In Bangalore
 
Brand Identity For A Sportscaster Project and Portfolio I
Brand Identity For A Sportscaster Project and Portfolio IBrand Identity For A Sportscaster Project and Portfolio I
Brand Identity For A Sportscaster Project and Portfolio I
 
New Explore Careers and College Majors 2024
New Explore Careers and College Majors 2024New Explore Careers and College Majors 2024
New Explore Careers and College Majors 2024
 
Personal Brand exploration KE.pdf for assignment
Personal Brand exploration KE.pdf for assignmentPersonal Brand exploration KE.pdf for assignment
Personal Brand exploration KE.pdf for assignment
 
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdfDOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
DOC-20240602-WA0001..pdf DOC-20240602-WA0001..pdf
 
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
一比一原版(TMU毕业证)多伦多都会大学毕业证如何办理
 
Full Sail_Morales_Michael_SMM_2024-05.pptx
Full Sail_Morales_Michael_SMM_2024-05.pptxFull Sail_Morales_Michael_SMM_2024-05.pptx
Full Sail_Morales_Michael_SMM_2024-05.pptx
 
How Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
How Mentoring Elevates Your PM Career | PMI Silver Spring ChapterHow Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
How Mentoring Elevates Your PM Career | PMI Silver Spring Chapter
 
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMAMISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
MISS TEEN GONDA 2024 - WINNER ABHA VISHWAKARMA
 
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
Jill Pizzola's Tenure as Senior Talent Acquisition Partner at THOMSON REUTERS...
 
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdfRECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
RECOGNITION AWARD 13 - TO ALESSANDRO MARTINS.pdf
 
Resumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying OnlineResumes, Cover Letters, and Applying Online
Resumes, Cover Letters, and Applying Online
 
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
一比一原版(UVic毕业证)维多利亚大学毕业证如何办理
 
0624.speakingengagementsandteaching-01.pdf
0624.speakingengagementsandteaching-01.pdf0624.speakingengagementsandteaching-01.pdf
0624.speakingengagementsandteaching-01.pdf
 
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
原版制作(RMIT毕业证书)墨尔本皇家理工大学毕业证在读证明一模一样
 
Andrea Kate Portfolio Presentation.pdf
Andrea Kate Portfolio Presentation.pdfAndrea Kate Portfolio Presentation.pdf
Andrea Kate Portfolio Presentation.pdf
 
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
在线制作加拿大萨省大学毕业证文凭证书实拍图原版一模一样
 

Information_Governance_Risk_Compliance_Frameworks (v5)

  • 1. INFORMATION GOVERNANCE-RISK-SECURITY-COMPLIANCE GOVERNANCE  COBIT - ISACA  ITIL V3 - HM Government  ISO-38500 - ISO  CSF - HITRUST  ITSM - HM Government RISK MANAGEMENT  COSO-ERM - Committee of Sponsoring Orgs  ISO-31000/31010 – ISO  ITAF – ISACA GOVERNMENT  FISMA - Fed Info Security Mgt Act  FIPS – Fed Info Processing Stand (14)  FIPS 200 - Min Security Requirements  CIP 1-9 – NERC CIP-007 Sys Security Mgt.  DIACAP - DoD In Ass Cert Accred. Proces REGULATORY /COMPLIANCE  GLBA – 8 Government Agencies  BASE II - Basel Committee Banking Supervisn  SOX 404 – SEC - Public Acct Oversight Board  SAS 70 / SSAE16 - Auditing Standards Board  PCI-DSS - PCI-SSC  HIPAA - Health and Human Services (HHS)  OMNIBUS RULE – HITECH  SAFE HARBOR  EU DIRECTIVE 95/46  CBPR – Cross Border Privacy Rules (APEC)  E-DISCOVERY  FACTA-RED FLAGS  CALIFORNIA SB 1386 QUALITY MANAGEMENT / SDLC  CMMI - Carnegie-Mellon University Capability Maturity Model Integration  OGRCM3 - SOMAP Open Governance, Risk and Compliance Maturity Management Methodology RISK ASSESSMENT METHODOLOGY  COBRA - C&A Systems Security Consultative, Objective Bi-functional Risk Analysis  OCTAVE - CERT Operationally Critical Threat, Asset, Vuln Eval  CRAMM - CCTA CCTA Risk Analysis and Management Method  SPRINT - Information Security Forum Simplified Process for Risk Identification  SP800-30 - NIST Guide to Conducting Risk Assessments  ISSAF – OISSG Information Sys Sec Assessment Framework  IAM – NSA INFOSEC Assessment Methodology  ISAM – ISAM Information-Sec Assessment Methodology RISK ANALYSIS  FAIR - The Open Group Factor Analysis of information Risk  FRAP - Carnegie-Mellon University Facilitated Risk Analysis Process VULNERABILITY / SECURITY ASSESSMENT  OSSTM - ISECOM Open Source Security Testing Methodology Manual  Common Criteria - ISO/IEC 15408 STANDARDS GUIDELINES BEST PRACTICE  ISO-27002 – ISO  COMMON CRITERIA - App Sec Review  OWASP – Top 10 & Cheat sheets  NIST – ALL  SP800-53 – NIST – Security Management  CIS