Tag standards

Cloud Security Compliance

This post summarizes some aspects of cloud security that need to be taken into account regarding compliance. To monitor cloud security compliance, we need to check all compliance sources and how they affect cloud security. Compliance sources: Limits of Cloud…

Information Security Compliance

This post explains the concept of information security compliance and related topics. Compliance is one of the three sub-areas covered in the Information Security area of GRC (Governance, Risk and Compliance). Sources of IT Security Compliance Compliance comes from the following…

Project Management Methodologies and Standards

This post summarizes project management methodologies. List of Project Management Methodologies and Standards Project management methodologies featured on this post: PMBOK The Project Management Book of Knowledge (PMBOK) Guide is a standard for project management, issued by the Project Management…

SOC Reporting Framework

This post introduces the System and Organization Controls (SOC) reporting framework, in the context of compliance with the United States Sarbanes-Oxley Act (SOX). Regulation Context The Sarbanes-Oxley Act (SOX or Sarbox) is a United States of America federal law. It…

Cryptographic Standards and Guidelines

This post summarizes some cryptographic standards and guidelines. List of Cryptographic Standards and Guidelines Cryptographic Standards and Guidelines featured on this post: NIST’s Cryptographic Standards and Guidelines ENISA’s Recommended Cryptographic Measures CCN’s CCN-STIC 807 “Criptología de empleo en…

Cloud Security

This post covers some aspects of information security related to cloud services. Cloud Security Components In this section you can find different components that are relevant to cloud security. A Cloud Access Security Broker (CASB) scans the security between on-premise…

Business Continuity

Business continuity should focus on incidents that are not frequent but may have a big impact on the organization. A Business Continuity Plan (BCP) is a plan used by an organization to respond to disruption of critical business processes.…

Password Definition Standards

This post discusses policies, standards and guidelines for establishing secure passwords in an IT system. List of Password Definition Standards List of password generation standards: NIST 800-63B NIST 800-63B is titled “Digital Identity Guidelines”. Official web SANS SPT Password…

Graphics Libraries

This post summarizes libraries to create 3D or 2D graphics and sound. For libraries that create both graphics and sound together, you can check this post. Graphics and multimedia libraries should not be confused with game engines. You can…