
Security Standards, Frameworks and Guidelines

Many organizations have issued security frameworks that aim to define the necessary elements of security for organizations. These frameworks provide guidance to organizations that are looking to develop, maintain, and assess secure systems. The Federal Information Management Security Act of 2002 requires Federal Agencies and, in some cases, private organizations that provide contracted services to the Federal Government, to meet three defined security objectives in their organizations: confidentiality, availability, and integrity. A wealth of guidance has been developed on how Federal Agencies can meet these three objectives and secure their systems and information assets, and this guidance can also be useful to private sector organizations. The Corporate Information Security Working Group was established by a House Subcommittee to look at what voluntary security guidance would be useful for organizations in the private sector. It has issued voluntary guidance on best practices and metrics for security programs that are designed to be scalable to any organization.