The Open Group : Making Standards Work
About The Open Group The Open Group Forums Certification Collaboration Services
HOME   |   SITE MAP  
Sponsor an Event Become a Member of The Open Group The Open Group Member Area
Government Programs Events Bookstore & Downloads Newsroom Contact The Open Group
You are here: Home > Forums > Security Forum
Security

Links

   

Other Consortia

Over many years now, we have developed working relationships with other industry groups and consortia who work on information security solutions. These liaisons wax and wane according to the priority and level of involvement of particular development work. For convenience and visibility, we maintain a list of information security consortia. It is not intended to be an exclusive list, but if you notice a significant omission or expired inclusion, please contact us to tell us to update it.

Information sources

The remainder of this page gives an extensive list of useful links to Web sites maintained by other organizations who are active in information security. The range of information accessible through these links is enormous, reflecting the number of organizations and consortia involved and the huge variety of information available.

To assist you in find what you are seeking, the following groupings are used:

Other Information Sourcing Sites

The Information Society Technologies (IST) Web pages give a wealth of links to useful information sources. In particular, its Information Security Standards Web page lists link to Active Forums and to Security Standards by market sector.

The Computer and Communication Web page gives a more general overview of links to current standards activities and who is doing them, across all areas of Information Technology.

Consortia, Organizations and Associations

ABA ISC: American Bar Association, Information Security Council
http://www.abanet.org/

ACSE: Applied Computer Security Associates
http://www.acsac.org

ANSI (the American National Standards Institute),
http://www.ansi.org/home.html
Go to http://webstore.ansi.org/ansidocstore, select the NCITS (Information Technology) standards category, then select "Standards search" and do a "Lookup" on "security". This produces an extensive list of standards.

ASIS: American Society for Industrial Security
http://www.asisonline.org

BSI: British Standards Institute
http://www.bsi-global.com/
Go to http://www.bsi-global.com/Information+Security+Homepage/index.xalter
Note: BS7799 - Toward Standardization of Information Security.

CIO: Chief Information Officer
http://www.cio.com
Has an "Analyst Corner", and other areas that address security issues.
Their new resource for security executives is CSO Magazine - http://www.csoonline.com/

CIS: Center for Internet Security
http://www.cisecurity.org
Particularly recommended is their Security Cookbook -
http://www.internetweek.com/story/INW20010718S0011

COBIT: see ISACA

CSIS: Center for Secure Information Systems
http://www.isse.gmu.edu/~csis

HTCIA: High Technology Crime Investigation Association
http://htcia.org

I4 - International Information Integrity Institute
https://i4online.com

IACSS: International Association for Computer Systems Security, Inc.
http://www.iacss.com/

IEEE: Institute of Electrical and Electronics Engineers, Inc.
http://www.ieee.org/index.html

IETF: the Internet Engineering Task Force
http://www.ietf.cnri.reston.va.us/home.html

IFIP: International Federation for Information Processing (IFIP) Technical Committee 11 (TC-11) on Security and Protection in Information Systems
http://www.ifip.tu-graz.ac.at/TC11/

I2SF: International Information Security Foundation
http://w3.mit.edu/security/www/gassp1.html
Aims to Develop and Promulgate Generally Accepted System Security Principles (GASSP) - http://web.mit.edu/security/www/GASSP/GASSP.DOC

ISACA: Information Systems Audit and Control Association
http://www.isaca.org
Provides access to their COBIT (Control Objectives for Information and related Technology), their Standards for Information Systems Control Professionals (http://www.isaca.org/standard/stand3.htm), and their K-NET repository of information.

iSPEC: International Society for Professionals in E-Commerce
http://www.ispec.org/

ISSA: Information Systems Security Association, Inc.
http://www.issa-intl.org/

ISC2: International Information Systems Security Certification Consortium
http://www.isc2.org/

ISO: the International Standards Organization
http://www.iso.ch/welcome.html

ISO/IEC Guidelines for the Management of IT Security (GMITS).
See http://www.diffuse.org/guides.html and http://www.diffuse.org/secguide.html

IT Governance Institute
http://www.itgi.org/

JTC1: Joint Technical Committee 1 (JTC 1) and TAG (Technical Advisory Group)
http://www.jtc1tag.org

NCITS: National Committee for Information Technology Standards (formerly X3); Technical Committee T4
http://www.ncits.org/

National Classification Management Society, Inc.
http://www.classmgmt.com

NCPEC: National Coalition for the Prevention of Economic Crime
http://www.ncpec.org

NIST (U.S.National Institute of Standards and Technology)
http://csrc.nist.gov
Look in NIST CSD (Computer Security Division) for links to various standards. One recently recommended by a member is "Contingency Planning Guide For Information Technology Systems," ed Elizabeth Lennon, http://csrc.nist.gov/publications/nistpubs

NSFF: Network Security Framework Forum
http://www.nsff.org

NSI: National Security Institute
http://www.nsi.org

NW3: National White Collar Crime Center
http://www.nw3c.org/

OECD: Organization for Economic Cooperation and Development
http://www.oecd.org/

PKI Forum
http://www.pkiforum.org

SANS: System Administration, Networking, and Security Institute
http://www.sans.org
Provides links to many standards documents.
SANS is particularly useful for accessing publications on legal issues - http://www.sans.org/infosecFAQ/legal/legal_list.htm

The Open Group
http://www.opengroup.org/security

W3C: The World Wide Web Consortium
http://www.w3c.org

Policy Management

Axent Technologies, http://www.axent.com
Product: Enterprise Security Manager

BindView Development Corporation, http://www.bindview.com
Product: bv-Control and bv-Admin

BMC Software, http://www.bmc.com
Products: BMC Control-SA

Computer Associates, http://www.ca.com
Products: eTrust product line: e-Business Security Management suite

e-Security Inc., http://www.esecurityinc.com
Product: Open e-Security Platform (OeSP) suite

Evidian, http://www.evidian.com
Product: AccessMaster suite

Tivoli, http://www.tivoli.com
Product: Tivoli SecureWay suite

Risk Assessment

Intrusion.com, http://www.intrusion.com
Product: Kane Security Analyst

Internet Security Systems (ISS), http://www.iss.net
Products: ISS Security Scanner

Network Associates Inc., http://www.nai.com
Product: CyberCop Scanner


Updates

To request additions, deletions and amendments to this page, please contact Loren Baynes.

     
 

 

 

 
   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page