Help:Contents: Difference between revisions
No edit summary |
No edit summary |
||
| Line 27: | Line 27: | ||
[http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html '''PCI''']<br> | [http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html '''PCI''']<br> | ||
[http://csrc.nist.gov/sec-cert/ '''FISMA''']<br> | [http://csrc.nist.gov/sec-cert/ '''FISMA''']<br> | ||
[http://csrc.nist.gov/publications/nistpubs/ | [http://csrc.nist.gov/publications/nistpubs/800-66/SP800-66.pdf '''NIST SP 800-66''']<br> | ||
[http://iase.disa.mil/ditscap/index.html '''Ditscap''']<br> | [http://iase.disa.mil/ditscap/index.html '''Ditscap''']<br> | ||
'''Control Exception:''' If a control condition exists that is exempt from testing, documentation should be available.<br> | '''Control Exception:''' If a control condition exists that is exempt from testing, documentation should be available.<br> | ||
Revision as of 13:03, 11 May 2006
File:Greenlock.jpg The status of this control objective is acceptable.
File:Yellowlock.jpg The status of this control objective requires additional attention.
File:Bluelock.jpg The status of this control objective has been remediated.
File:Redlock.jpg The status of this control objective is not acceptable and requires remediation.
Consult the User's Guide for information on using the wiki software.
Getting started
A brief explanation of industry or legislative control requirments can be found through the links below.
Sarbanes-Oxley
HIPAA
GLBA
PCI
FISMA
NIST SP 800-66
Ditscap
Control Exception: If a control condition exists that is exempt from testing, documentation should be available.
User Defined: Any control that is truly unique to the enterprise should be noted accordingly.
--Mdpeters 10:46, 10 May 2006 (EDT)