Information Security Standards Organizations Standardization bodies are organizations that exist specifically for developing, coordinating, promoting, and interpreting technical standards. NIST - National Institute of Standards - The U.S government organization responsible for defining standards to protect and assure the security of sensitive but unclassified data within government agencies. Computer Security Resource Center (CSRC) Guide to NIST Information Security Docs Guide for Developing Security Plans OWASP - HITRUST BSi - British Standards Institute - CIS - Center for Internet Security. - The CIS releases free security benchmarks that come with tools to measure compliance. These benchmarks and tools are widely adopted and have become important of DHS- sponsored public/private partnerships. ISO/IEC - International Organization for Standardization - is a non-governmental worldwide federation established in 1947 and made up of the national standard...
