ISO/IEC & NIST guidelines

I have compiled a list of guidelines that I thought might be helpful to some. I have been putting off committing these to memory until now...my test is next week

ISO/IEC 14443 - Identification cards -- Contactless integrated circuit cards -- Proximity cards
ISO/IEC 15408 - Common Criteria
ISO/IEC 17799 - Security techniques -- Code of practice for information security management
ISO/IEC 27001 - Security techniques -- Information security management systems
ISO/IEC 27002 - Security techniques -- Code of practice for information security management
ISO/IEC 27004 - Security techniques -- Information security management
ISO/IEC 27005 - Security techniques -- Information security risk management
ISO/IEC 27031 - Security techniques -- Guidelines for information and communication technology readiness for business continuity
ISO/IEC 27034 - Security techniques -- Application security

NIST 800-34 - Disaster Recovery
NIST 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems
NIST 800-53 - Recommended Security Controls for Federal Information Systems and Organizations
NIST 800-55 - Performance Measurement Guide for Information Security

BS7799 Initially developed from BS7799-1, ISO 17799 is an international standard that sets out the requirements of good practice for Information Security Management

Find more posts tagged with

Comments

beads

In the past I have used both spider diagramming or mind mapping techniques by hand to really drill these types of concepts into my head. Both very useful techniques. But I like the breakdown.

- B Eads

sdsan21

Hi, can you share me the iso 27000 guide line?

SteveLavoie

sdsan21, usually, ISO guide are not free.

JDMurray

ANSI/ISO/IEC and ITU documents are purchased and electronically watermarked with the identity of their purchaser. NIST documents are freely available.