Help:Contents: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
No edit summary
No edit summary
Line 16: Line 16:


----
----
<br>
A brief explanation of industry or legislative control requirments can be found through the links below.
    [http://www.sec.gov/divisions/corpfin/faqs/soxact2002.htm Sarbanes-Oxley]
    [http://aspe.hhs.gov/admnsimp/pl104191.htm HIPAA]
    [http://www.ftc.gov/privacy/glbact/glbsub1.htm GLBA]
    [http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html PCI]
    [http://csrc.nist.gov/sec-cert/ FISMA]
    [http://csrc.nist.gov/publications/nistpubs/index.html NIST SP 800-66]
    [http://iase.disa.mil/ditscap/index.html Ditscap]
    Control Exception: If a control condition exists that is exempt from testing, documentation should be available.
    User Defined: Any control that is truly unique to the enterprise should be noted accordingly.
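
Review bot: "requirments" in the introductory sentence at Line 16 should be "requirements". The last two entries in the same indented block, Control Exception and User Defined, are definitions rather than links, so they do not match the sentence that introduces the list as links to control requirements; give them their own lead-in or move them out of the link list.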

Revision as of 18:45, 2 May 2006

File:Greenlock.jpg The status of this control objective is acceptable.

File:Yellowlock.jpg The status of this control objective requires additional attention.

File:Redlock.jpg The status of this control objective is not acceptable and requires remediation.



Consult the User's Guide for information on using the wiki software.

Getting started



A brief explanation of industry or legislative control requirements can be found through the links below.

   Sarbanes-Oxley 
   HIPAA 
   GLBA
   PCI
   FISMA 
   NIST SP 800-66
   Ditscap
   Control Exception: If a control condition exists that is exempt from testing, documentation should be available.
   User Defined: Any control that is truly unique to the enterprise should be noted accordingly.