Compliance: Difference between revisions
Latest revision as of 21:27, 18 January 2015
COBIT 4.0 Domains:
Planning and Organization
Acquisition and Implementation
Delivery and Support
Monitor and Evaluate
ISO 27002 Domains:
Risk Assessment and Treatment
Security Policy
Organizing Information Security
Asset Management
Human Resources Security
Physical and Environmental Security
Communications and Operations Management
Access Control
Information Systems Acquisition, Development and Maintenance
Information Security Incident Management
Business Continuity Management
Compliance
ITIL IT Infrastructure Library:
Service Level Management
Financial Management
Capacity Management
Availability Management
Continuity Management
Security Management
Service Desk Management
Incident Management
Problem Management
Configuration Management
Change Management
Release Management
COSO Enterprise Risk Management Framework Domains:
Internal Environment
Objective Setting
Event Identification
Risk Assessment
Risk Response
Control Activities
Information and Communications
Monitoring
NIST: National Institute of Standards and Technology Publications
SP 800-30
SP 800-37
SP 800-53
SP 800-53A
SP 800-59
SP 800-60
FIPS: Federal Information Processing Standards
FISMA: Federal Information Security Management Act
DOI: Department of Insurance
HIPAA: Health Insurance Portability and Accountability Act
PCI: Payment Card Industry - AKA - VISA CISP
FFIEC: Federal Financial Institutions Examination Council