|
|
 |
ISM3 Consortium |
|
standards that work
|
|
|
|
|
|
|
|
|
ISMS and Security Related Links
- ISM Community
- IT Compliance Institute
- OCEG
- MITRE
- IT Governance Institute
- IT Process Institute
- CERIAS
- CEE Log Standard
- ISMS Forum Spain
- ISO27001-ES
- Comunidade ISMS-PT
ISM3 Related Methodologies and Certifications
- AEDI CAYSER
- CIS
- CRAMM
- DCSSI EBIOS
- ISSA GAISP
- ISO 9001:2000
- MAP MAGERIT
- CLUSIF MEHARI
- NSA Security Configuration Guides
- NIST RBAC
- SSE-CMM
- OIS SVRRP
- CERT OCTAVE
- ISECOM OSSTMM
- OWASP
- SEI P-CMM
- BSI BS ISO/IEC 27001 (or in Plain English )
- BSI BS ISO/IEC 27002 (or in Plain English )
- SEI CMMI
- ISACA COBIT
- EA 7/03
- ISO 13335
- ISO 19011:2002
- ITSM, ITIL
- NIST SP800-53
- NIST SP800-55
ISM3 Referenced Papers
- Towards maturity of information maturity criteria: six lessons learned from software quality criteria.
Mikko Siponen, 2002.
- Designing secure information systems and software: Critical evaluation of the existing approaches and a new paradigm.Mikko Siponen, 2002.
- Information Security Governance: Toward a Framework for Action.Business Software Alliance, 2003.
- CISWG Report of the Best Practices and Metrics Teams
- Federal Information Security Management Act 2002.
- CyberPartnerShip Information Governance
- University of New Haven "Mathematical Proofs of Mayfield's Paradox: A Fundamental Principle of Information Security"
- Carnegie Mellon University "The Survivability of Network Systems: An Empirical Analysis"
|
|
|
|
|
|
|
