Over many years now, we have developed working relationships with other industry groups and consortia who work on information security solutions. These liaisons wax and wane according to the priority and level of involvement of particular development work. For convenience and visibility, we maintain a list of information security consortia. It is not intended to be an exclusive list, but if you notice a significant omission or expired inclusion, please contact us to tell us to update it.
The remainder of this page gives an extensive list of useful links to Web sites
maintained by other organizations who are active in information security. The range of
information accessible through these links is enormous, reflecting the number of
organizations and consortia involved and the huge variety of information available.
To assist you in find what you are seeking, the following groupings are used:
Other Information Sourcing Sites
The Information Society Technologies (IST) Web
pages give a wealth of links to useful information sources. In particular, its Information Security Standards Web page
lists link to Active Forums and to Security Standards by market sector.
The Computer and Communication
Web page gives a more general overview of links to current standards activities and who is
doing them, across all areas of Information Technology.
Consortia, Organizations and Associations
ISC: American Bar Association, Information Security Council
Applied Computer Security Associates
the American National Standards Institute,
Go to http://webstore.ansi.org/ansidocstore,
select the NCITS (Information Technology) standards category, then select "Standards
search" and do a "Lookup" on "security". This produces an
extensive list of standards.
American Society for Industrial Security
British Standards Institute
Go to http://www.bsi-global.com/Information+Security+Homepage/index.xalter
Note: BS7799 - Toward Standardization of Information Security.
Computerworld Security Knowledge Center http://www.computerworld.com/securitytopics/security/
CIO: Chief Information Officer
Has an "Analyst Corner", and other areas that address security issues.
Their new resource for security executives is CSO Magazine - http://www.csoonline.com/
Center for Internet Security
Particularly recommended is their Security Cookbook -
COBIT: see ISACA
Center for Secure Information Systems
High Technology Crime Investigation Association
- International Information Integrity Institute
International Association for Computer Systems Security, Inc.
Institute of Electrical and Electronics Engineers, Inc.
the Internet Engineering Task Force
International Federation for Information Processing (IFIP) Technical Committee 11 (TC-11)
on Security and Protection in Information Systems
I2SF: International Information Security Foundation
Aims to Develop and Promulgate Generally Accepted System Security Principles (GASSP) - http://web.mit.edu/security/www/GASSP/GASSP.DOC
Information Systems Audit and Control Association
Provides access to their COBIT (Control Objectives for Information and related Technology),
their Standards for Information Systems Control Professionals (http://www.isaca.org/standard/stand3.htm),
and their K-NET repository of information.
International Society for Professionals in E-Commerce
Information Systems Security Association, Inc.
International Information Systems Security Certification Consortium
the International Standards Organization
ISO/IEC Guidelines for the Management of IT Security (GMITS).
Joint Technical Committee 1 (JTC 1) and TAG (Technical Advisory Group)
National Committee for Information Technology Standards (formerly X3); Technical Committee
Classification Management Society, Inc.
National Coalition for the Prevention of Economic Crime
(U.S.National Institute of Standards and Technology)
Look in NIST CSD (Computer Security Division) for links to various standards. One recently
recommended by a member is "Contingency Planning Guide For Information
Technology Systems," ed Elizabeth Lennon, http://csrc.nist.gov/publications/nistpubs
Network Security Framework Forum
National Security Institute
National White Collar Crime Center
Organization for Economic Cooperation and Development
System Administration, Networking, and Security Institute
Provides links to many standards documents.
SANS is particularly useful for accessing publications on legal issues - http://www.sans.org/infosecFAQ/legal/legal_list.htm
The World Wide Web Consortium
Product: Enterprise Security Manager
Development Corporation, http://www.bindview.com
Product: bv-Control and bv-Admin
BMC Software, http://www.bmc.com
Products: BMC Control-SA
Computer Associates, http://www.ca.com
Products: eTrust product line: e-Business Security Management suite
e-Security Inc., http://www.esecurityinc.com
Product: Open e-Security Platform (OeSP) suite
Product: AccessMaster suite
Product: Tivoli SecureWay suite
Product: Kane Security Analyst
Internet Security Systems (ISS), http://www.iss.net
Products: ISS Security Scanner
Associates Inc., http://www.nai.com
Product: CyberCop Scanner
To request additions, deletions and amendments to this page, please contact Ian Dobson.