Document Number |
Date Posted |
Title |
| SBP/07-0059 |
January 24, 2008 |
Draft Minutes - INCITS
Study Group on Security Best Practices, Meeting #8, January
7, 2008 - Teleconference meeting minutes |
| SBP/07-0058 | December 22, 2007 | COSO ERM Executive Summary |
| SBP/07-0057 | December 22, 2007 | Draft NIST SP 800-55 |
| SBP/07-0056 | December 22, 2007 | NIST SP 800-100 |
| SBP/07-0055 | December 22, 2007 | NIST SP 800-53 |
| SBP/07-0054 | December 22, 2007 | NIST SP 800-30 |
| SBP/07-0053 | January 7, 2008 |
Draft Agenda for the January 7, 2008 Teleconference - Meeting #8 |
| SBP/07-0052 | January 10, 2008 |
Draft
Minutes - INCITS Study Group on Security Best Practices, Meeting #7,
December 18, 2007 - Teleconference meeting minutes |
| SBP/07-0051 | December 22, 2007 |
SC22 Activities Overview |
| SBP/07-0050 | December 22, 2007 | Draft Best Practices SG report
(Revision 0.3) |
| SBP/07-0049 | February 11 , 2008 |
Final Version of Best Practices SG Initial Report |
| SBP/07-0048 | December 10, 2007 |
SC27 N6218 Text 3rd CD 27004 - Nov2007 |
| SBP/07-0047 | December 18, 2007 |
Draft Agenda for the December 18,
2007 Teleconference - Meeting #7 |
| SBP/07-0046 | January 11, 2008 |
Draft Minutes - INCITS Study Group on Security Best Practices, Meeting #6, December 10, 2007 - Teleconference meeting minutes |
| SBP/07-0045 | November 29, 2007 | Jeopardy Letter to Orange Parachute |
| SBP/07-0044 | November 29, 2007 |
Draft Agenda for the December 10, 2007 Teleconference - Meeting #6 |
| SBP/07-0043 |
November 28, 2007 |
Draft Minutes - INCITS
Study Group on Security Best Practices, Meeting #5, November
20, 2007 - Teleconference |
| SBP/07-0042 | November 21, 2007 | ASC X9, Inc. Project Proposal for
Financial Services – Information Security Standards Registry (FS-ISSR) |
| SBP/07-0041 | November 21, 2007 | Working Draft - Technical Report:
Recommendation for Creating a Comprehensive Framework for Risk Management
and Compliance in the Financial Services and Insurance Industries |
| SBP/07-0040a SBP/07-0040b |
November 21, 2007 | Email from Daniel R. Benigni Contribution from Dan Benigni |
| SBP/07-0039 | November 21, 2007 | NIST Releases Three Security Publications |
| SBP/07-0038 | November 21, 2007 | Payments Fraud Index - Concept Statement |
| SBP/07-0037 | November 21, 2007 | Booz Allen contribution |
| SBP/07-0036 | November 16, 2007 |
Draft Agenda for the November 20, 2007 Teleconference - Meeting #5 |
| SBP/07-0035 | IT Governance collection of
research documents (in zip archive) |
|
| SBP/07-0034 | IT Governance Implementation
Guide using COBIT® and VAL IT™ - IT Governance Institute |
|
| SBP/07-0033 | November 21, 2007 |
Enabling Mission Critical Operations
Through Mature Implementation by Nadya Bartol, Eric White, Stephanie Shankles,
and Michelle Moss |
| SBP/07-0032 | The Financial Institution Shared
Assessments Program Frequently Asked Questions |
|
| SBP/07-0031 | Cybertrust Joins the Financial Institution
Shared Assessments Program |
|
| SBP/07-0030 | Management and Education of the Risk
of Insider Threat (MERIT): Mitigating the Risk of Sabotage to Employers’
Information, Systems, or Networks |
|
| SBP/07-0029 | Introducing OCTAVE Allegro:
Improving the Information Security Risk Assessment Process |
|
| SBP/07-0028 | FFIEC IT Examination Handbook |
|
| SBP/07-0027 | Noember 15, 2007 |
Text of ISO/IEC FDIS 21827 -- Information
technology -- Security techniques – Systems security engineering – Capability
maturity model (SSE-CMM)® to Address Cyber Threats [Permission is granted by ITI to members of INCITS Study Group on Security Best Practices to reproduce this document for the purposes of producing the report outlined in the approved charter (SBP/07-0001) without further permission, provided this notice is included.All other rights are reserved. Any commercial or for-profit reproduction is strictly prohibited.] |
| SBP/07-0026 | October 30, 2007 |
Draft Minutes - INCITS Study Group on Security Best Practices, Meeting #4, October 23, 2007 |
| SBP/07-0025 | October 24, 2007 | ISO/IEC Guide 73:2002 Risk management
— Vocabulary — Guidelines for use in standards [Permission is granted by ITI to members of INCITS Study Group on Security Best Practices to reproduce this document for the purposes of producing the report outlined in the approved charter (SBP/07-0001) without further permission, provided this notice is included.All other rights are reserved. Any commercial or for-profit reproduction is strictly prohibited.] |
| SBP/07-0024 | October 24, 2007 | ISO/IEC 27001:2005, Information technology
- Security techniques - Information security management systems - Requirements [Permission is granted by ITI to members of INCITS Study Group on Security Best Practices to reproduce this document for the purposes of producing the report outlined in the approved charter (SBP/07-0001) without further permission, provided this notice is included.All other rights are reserved. Any commercial or for-profit reproduction is strictly prohibited.] |
| SBP/07-0023 | October 24, 2007 | ISO/IEC 27002:2005, Overview
of the ANSI-BBB Identity Theft Prevention and Identity Management
Standards Panel (IDSP) October 2007 meeting, (originally contributed by E.
Barrett, INCITS EB) [Permission is granted by ITI to members of INCITS Study Group on Security Best Practices to reproduce this document for the purposes of producing the report outlined in the approved charter (SBP/07-0001) without further permission, provided this notice is included.All other rights are reserved. Any commercial or for-profit reproduction is strictly prohibited.] |
| SBP/07-0022 | October 24, 2007 | ISO/IEC 2nd FCD 27005, Information technology -- Security techniques -- Information security risk management |
| SBP/07-0021 | October 22, 2007 | Jeopardy Letter Issued for Meeting Attendance Jeopardy |
| SBP/07-0020 | October 22, 2007 | Draft Agenda for the October 23, 2007 Teleconference
- Meeting #4 |
| SBP/07-0019 |
October 18, 2007 |
Critical Infrastructure Protection |
| SBP/07-0018 |
October 19, 2007 |
Draft
Minutes - INCITS Study Group on Security Best Practices, Meeting #3,
October 12, 2007 |
| SBP/07-0017 | October 11, 2007 |
Draft Agenda version 1 – October 12, 2007 telephone
conference, Meeting 3 |
| SBP/07-0016 | October 11, 2007 | Draft
Minutes - INCITS Study Group on Security Best Practices, Meeting #2,
October 4, 2007 |
| SBP/07-0015 | October 4, 2007 |
Revised Draft Agenda – For a series of telephone conferences: October 4, 2007, October 23, 2007, November 20, 2007, December 18, 2007, and January 6, 2008 for INCITS Study Group on Security Best Practices |
| SBP/07-0014 | October 4, 2007 |
Overview of the ISF’s Standard of Good Practice for Information Security March 2007 |
| SBP/07-0013 | October 3, 2007 | Overview of the ANSI-BBB Identity Theft Prevention and Identity Management Standards Panel (IDSP) October 2007 meeting, (originally contributed by E. Barrett, INCITS EB) |
| SBP/07-0012 | October 3, 2007 | President's Identity Theft Task Force Releases Comprehensive Strategic Plan to Combat Identity |
| SBP/07-0011 | October 3, 2007 | N6010 Draft Agenda for the 5th Meeting of ISO/TMB WG on Risk Management scheduled to be held in Sanya (China) on 3rd – 7th December 2007 (originally contributed by D. Benigni) |
| SBP/07-0010 | October 3, 2007 | Security Operations Maturity Architecture (SOMA) |
| SBP/07-0009 | October 3, 2007 | Information Security Management Maturity Model (ISM3) |
| SBP/07-0008 | October 3, 2007 |
An Introduction to Factor Analysis of Information Risk (FAIR) |
| SBP/07-0007 | September 28, 2007 |
Draft
Agenda – For a series of telephone conferences: October 4, 2007, October 23, 2007, November 20, 2007, December 18, 2007, and January 6, 2008 for INCITS Study Group on Security Best Practices |
| SBP/07-0006 |
September 27, 2007 |
Draft Minutes - INCITS Study Group on Security Best
Practices - Formation Meeting - September 19, 2007 - Scottsdale, AZ |
| SBP/07-0005 |
September 17, 2007 |
INCITS Study Group on Security Best Practices - Information
Package for Formation Meeting
|
| SBP/07-0004 |
August 27, 2007 |
Report of the INCITS Study Group on Security Best
Practices to the September 2007 INCITS Executive Board Meeting |
| SBP/07-0003 |
August 23, 2007 |
Notification of Establishment, Call for Participants
and Meeting Announcement - INCITS Study Group on Security Best Practices
- September 19, 2007 Formation Meeting - Scottsdale, AZ |
| SBP/07-0002 |
August 23, 2007 |
Draft Agenda - INCITS Study Group on Security Best
Practices - Formation Meeting - September 19, 2007 - Scottsdale, AZ |
| SBP/07-0001 |
August 23, 2007 |
Approved Charter for the INCITS Study Group on Security
Best Practices |