The Open Group : Making Standards Work
About The Open Group The Open Group Forums Certification Collaboration Services
Sponsor an Event Become a Member of The Open Group The Open Group Member Area
Government Programs Events Bookstore & Downloads Newsroom Contact The Open Group
You are here: Home > Forums > Security Forum



Other Consortia

Over many years now, we have developed working relationships with other industry groups and consortia who work on information security solutions. These liaisons wax and wane according to the priority and level of involvement of particular development work. For convenience and visibility, we maintain a list of information security consortia. It is not intended to be an exclusive list, but if you notice a significant omission or expired inclusion, please contact us to tell us to update it.

Information sources

The remainder of this page gives an extensive list of useful links to Web sites maintained by other organizations who are active in information security. The range of information accessible through these links is enormous, reflecting the number of organizations and consortia involved and the huge variety of information available.

To assist you in find what you are seeking, the following groupings are used:

Other Information Sourcing Sites

The Information Society Technologies (IST) Web pages give a wealth of links to useful information sources. In particular, its Information Security Standards Web page lists link to Active Forums and to Security Standards by market sector.

The Computer and Communication Web page gives a more general overview of links to current standards activities and who is doing them, across all areas of Information Technology.

Consortia, Organizations and Associations

ABA ISC: American Bar Association, Information Security Council

ACSE: Applied Computer Security Associates

ANSI (the American National Standards Institute),
Go to, select the NCITS (Information Technology) standards category, then select "Standards search" and do a "Lookup" on "security". This produces an extensive list of standards.

ASIS: American Society for Industrial Security

BSI: British Standards Institute
Go to
Note: BS7799 - Toward Standardization of Information Security.

CIO: Chief Information Officer
Has an "Analyst Corner", and other areas that address security issues.
Their new resource for security executives is CSO Magazine -

CIS: Center for Internet Security
Particularly recommended is their Security Cookbook -


CSIS: Center for Secure Information Systems

HTCIA: High Technology Crime Investigation Association

I4 - International Information Integrity Institute

IACSS: International Association for Computer Systems Security, Inc.

IEEE: Institute of Electrical and Electronics Engineers, Inc.

IETF: the Internet Engineering Task Force

IFIP: International Federation for Information Processing (IFIP) Technical Committee 11 (TC-11) on Security and Protection in Information Systems

I2SF: International Information Security Foundation
Aims to Develop and Promulgate Generally Accepted System Security Principles (GASSP) -

ISACA: Information Systems Audit and Control Association
Provides access to their COBIT (Control Objectives for Information and related Technology), their Standards for Information Systems Control Professionals (, and their K-NET repository of information.

iSPEC: International Society for Professionals in E-Commerce

ISSA: Information Systems Security Association, Inc.

ISC2: International Information Systems Security Certification Consortium

ISO: the International Standards Organization

ISO/IEC Guidelines for the Management of IT Security (GMITS).
See and

IT Governance Institute

JTC1: Joint Technical Committee 1 (JTC 1) and TAG (Technical Advisory Group)

NCITS: National Committee for Information Technology Standards (formerly X3); Technical Committee T4

National Classification Management Society, Inc.

NCPEC: National Coalition for the Prevention of Economic Crime

NIST (U.S.National Institute of Standards and Technology)
Look in NIST CSD (Computer Security Division) for links to various standards. One recently recommended by a member is "Contingency Planning Guide For Information Technology Systems," ed Elizabeth Lennon,

NSFF: Network Security Framework Forum

NSI: National Security Institute

NW3: National White Collar Crime Center

OECD: Organization for Economic Cooperation and Development

PKI Forum

SANS: System Administration, Networking, and Security Institute
Provides links to many standards documents.
SANS is particularly useful for accessing publications on legal issues -

The Open Group

W3C: The World Wide Web Consortium

Policy Management

Axent Technologies,
Product: Enterprise Security Manager

BindView Development Corporation,
Product: bv-Control and bv-Admin

BMC Software,
Products: BMC Control-SA

Computer Associates,
Products: eTrust product line: e-Business Security Management suite

e-Security Inc.,
Product: Open e-Security Platform (OeSP) suite

Product: AccessMaster suite

Product: Tivoli SecureWay suite

Risk Assessment,
Product: Kane Security Analyst

Internet Security Systems (ISS),
Products: ISS Security Scanner

Network Associates Inc.,
Product: CyberCop Scanner


To request additions, deletions and amendments to this page, please contact Loren Baynes.




   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page