IT Governance Frameworks
NIST Cybersecurity Framework
Purpose: To provide a policy framework of computer security guidance for how private sector organizations can assess and improve their ability to prevent, detect, and respond to cyber attacks. Brief Outline: The framework offers five core functions: Identify, Protect, Detect, Respond, and Recover, guiding organizations through the lifecycle of managing and mitigating cybersecurity risk.
COSO
Purpose: To provide a model for organizations to evaluate and improve their internal control systems. Brief Outline: The Committee of Sponsoring Organizations (COSO) framework is primarily focused on risk management, control, and governance processes within an organization. It's widely used to design and assess the effectiveness of internal controls.
TOGAF
Purpose: To provide a detailed method and set of supporting tools for developing an enterprise architecture. Brief Outline: TOGAF stands for The Open Group Architecture Framework. It provides a comprehensive approach to design, planning, execution, and governance of an enterprise information architecture.
ISO/IEC 27001
Purpose: To provide a set of standards to help organizations manage the security of assets such as financial information, intellectual property, employee details, and information entrusted by third parties. Brief Outline: ISO/IEC 27001 is a part of the ISO/IEC 27000 family of standards and outlines a risk management process involving people, processes, and IT systems.
ITIL
Purpose: To provide guidelines for effective IT service management (ITSM) that can be adopted by organizations to deliver quality IT services. Brief Outline: ITIL stands for Information Technology Infrastructure Library. It outlines a set of detailed practices for IT activities such as IT service design, service strategy, service transition, service operation, and continual service improvement.
ISO/IEC 38500
Purpose: To provide a framework for effective governance of IT to assist organizations in ensuring the use of IT to achieve their objectives. Brief Outline: ISO/IEC 38500 is an international standard that provides principles, definitions, and a model for governing bodies to use when evaluating, directing, and monitoring the use of information technology in organizations.
FAIR
Purpose: To help organizations understand and quantify information risk in financial terms. Brief Outline: FAIR, which stands for Factor Analysis of Information Risk, is a model for understanding, analyzing, and quantifying information risk in a way that weighs the probability and impact of risk in financial terms.
CMMI
Purpose: To provide a set of practices for process improvement that leads organizations to high performance and quality. Brief Outline: CMMI stands for Capability Maturity Model Integration. It is a process and behavioral model that helps organizations streamline process improvement and encourage productive, efficient behaviors.
COBIT
Purpose: To provide a comprehensive framework for enterprises to develop, implement, monitor, and improve IT governance and management practices. Brief Outline: COBIT stands for Control Objectives for Information and Related Technologies. It aligns IT goals with business goals, provides metrics and maturity models to measure their success, and defines the roles and responsibilities for IT processes.
Val IT
Purpose: To provide guidance on how to realize business value from investments in IT. Brief Outline: The Val IT framework focuses on value governance, portfolio management, and investment management, and guides organizations in making informed decisions and getting the best return from IT investments.
© Hypatia.Tech. 2024 All rights reserved.