Information Technology Reference
In-Depth Information
Source Country
Institution
Best Practice
Online Source
Canada
Communications Security
Establishment (CSE)
Publications include IT Security
Handbook, Threat and Risk
Assessment Working Guide, and
many more
http://www.cse.dnd.ca/index-e.html
Europe
European Telecommunications
Standards Institute (ETSI)
Many security standards
http://www.etsi.org/
United States
Center for Emergency Response
(CERT)
Guide to System and Network
Security Practices
http://www.cert.org/
United States
Center for Emergency Response
(CERT)
Security improvement modules
http://www.cert.org/
United States
Center for Emergency Response
(CERT)
CSIRT development
http://www.cert.org/csirts/
United States
ISACA
COBIT security baseline
http://www.isaca.org/
United States
Ofice of Management Budget
(OMB)
OMB Circular A-130 Appendix III—
“Security of Federal Automated
Resources”
http://www.whitehouse.gov/omb/
circulars/a130/appendix_iii.pdf
United States
Carnegie Mellon University
System Security Engineering (SSE)
Capability Maturity Model (CMM)
http://www.sse-cmm.org/index.html
United States
Purdue University
CERIAS
http://www.cerias.purdue.edu/
United States
DoD issuances
DoD directives (e.g., 8500.01E IA),
DoD instructions (8500.2 IA
implementation)
http://www.dtic.mil/whs/directives/
