Laws And Regulations | Official Security Resources | Standards And Frameworks




Best Practice Standards, Frameworks & Methodologies




Cloud Security Alliance (CSA) is a none profit organisation promoting the use of best practices for providing security assurance within Cloud Computing. CSA also provide education on the uses of Cloud Computing.


Control Objectives for Information and Related Technology (CobiT) is an IT Governance framework and best practices for defining control requirements and mapping these to business needs.


ISO/IEC 27000 is a family of best practice information security standards.


Information Technology Infrastructure Library (ITIL) is a framework including best practice standards for IT services management. ITIL standardises and delivers IT
services within a business.


OSSTMM (Open Source Security Testing Methodology Manual) is a methodology for performing security tests and metrics in five different areas.


Open Web Application Security Project (OWASP) is an open source community project developing software tools and documentation in order to secure web applications and web services.


The Trusted Computing Group (TGC) is an international industry standards organisation that develops and promotes open standards for trusted computing. Some of the standards that TGC provides are for authentication, data protection, network security and disaster recovery.