Standards*
This page contains accurate information but may be missing links to specific standards or formatting may be incorrect.
ISO/IEC

| Standard | Category | Description |
| --- | --- | --- |
| ISO/IEC 15408:2009 | Common Criteria | Information technology - Security techniques - Evaluation criteria for IT security |
| ISO/IEC 17788:2014 | Cloud Computing | Information technology - Cloud computing - Overview and vocabulary |
| ISO/IEC 17789:2014 | Cloud Computing | Information technology - Cloud computing - Reference architecture |
| ISO/IEC 19086:2016 | SLAs | Information technology - Cloud computing - Service level agreement (SLA) framework |
| ISO/IEC 19941:2017 | Cloud Computing | Information technology - Cloud computing - Interoperability and portability |
| ISO/IEC 19944:2017 | Cloud Computing | Information technology - Cloud computing - Cloud services and devices: Data flow, data categories and data use |
| ISO/IEC 20000-1:2019 | | Information technology - Service management - Part 1: Service management system requirements |
| ISO/IEC 27001:2013 | ISMS | Information technology - Security techniques - Information security management systems - Requirements |
| ISO/IEC 27002:2013 | Best Practices | Information technology - Security techniques - Code of practice for information security controls |
| ISO/IEC 27005:2018 | Risk | Information technology - Security techniques - Information security risk management |
| ISO/IEC 27017:2015 | Cloud Computing | Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| ISO/IEC 27018:2014 | PII in the Cloud | Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| ISO/IEC 27034:2011 | ONF/ANF | Information technology - Security techniques - Application security |
| ISO/IEC 27036:2014 | Supplier Relations | Information technology - Security techniques - Information security for supplier relationships |
| ISO/IEC 27037:2012 | Forensics | Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO/IEC 27040:2015 | Storage Security | Information technology - Security techniques - Storage security |
| ISO/IEC 27041:2015 | Forensics | Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method |
| ISO/IEC 27042:2015 | Forensics | Information technology - Security techniques - Guidelines for the analysis and interpretation of digital evidence |
| ISO/IEC 27043:2015 | Forensics | Information technology - Security techniques - Incident investigation principles and processes |

NIST

| Publication | Category | Description |
| --- | --- | --- |
| NIST SP 500-292 | Cloud Computing | Cloud Computing Reference Architecture |
| NIST SP 500-293 | Cloud Computing | Cloud Computing Technology Roadmap |
| NIST SP 800-12 Rev. 1 | | An Introduction to Information Security |
| NIST SP 800-30 | Risk | Guide for Conducting Risk Assessments |
| NIST SP 800-37 | Risk | Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy |
| NIST SP 800-40 Rev. 3 | | Guide to Enterprise Patch Management Technologies |
| NIST SP 800-53 | | Security and Privacy Controls for Federal Information Systems and Organizations |
| NIST SP 800-63 | Forensics | Digital Identity Guidelines |
| NIST SP 800-92 | | Guide to Computer Security Log Management |
| NIST SP 800-122 | Breach Reporting | Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) |
| NIST SP 800-123 | | Guide to General Server Security |
| NIST SP 800-145 | Cloud Computing | The NIST Definition of Cloud Computing |
| NIST SP 800-146 | | Cloud Computing Synopsis and Recommendations |
| NIST SP 800-161 | Supply Chain | Supply Chain Risk Management Practices for Federal Information Systems and Organizations |