Help:Contents: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 16: | Line 16: | ||
---- | ---- | ||
<br> | |||
A brief explanation of industry or legislative control requirments can be found through the links below. | |||
[http://www.sec.gov/divisions/corpfin/faqs/soxact2002.htm Sarbanes-Oxley] | |||
[http://aspe.hhs.gov/admnsimp/pl104191.htm HIPAA] | |||
[http://www.ftc.gov/privacy/glbact/glbsub1.htm GLBA] | |||
[http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html PCI] | |||
[http://csrc.nist.gov/sec-cert/ FISMA] | |||
[http://csrc.nist.gov/publications/nistpubs/index.html NIST SP 800-66] | |||
[http://iase.disa.mil/ditscap/index.html Ditscap] | |||
Control Exception: If a control condition exists that is exempt from testing, documentation should be available. | |||
User Defined: Any control that is truly unique to the enterprise should be noted accordingly. | |||
Revision as of 18:45, 2 May 2006
File:Greenlock.jpg The status of this control objective is acceptable.
File:Yellowlock.jpg The status of this control objective requires additional attention.
File:Redlock.jpg The status of this control objective is not acceptable and requires remediation.
Consult the User's Guide for information on using the wiki software.
Getting started
A brief explanation of industry or legislative control requirments can be found through the links below.
Sarbanes-Oxley HIPAA GLBA PCI FISMA NIST SP 800-66 Ditscap Control Exception: If a control condition exists that is exempt from testing, documentation should be available. User Defined: Any control that is truly unique to the enterprise should be noted accordingly.