Here is a short overview of all kind of interesting web sites concerning security.
- Cobit – Control Objectives for Information and Related Technology. It Govermance Framenwork – International Assurance Control ISACA. To research, develop, promote an authorative up-to-date and generally accepted Objective Information and related technology controls
- ESF – European Security Forum – The Open Group. The ISF has developed a model that shows how we address – via our Research, Knowledge Exchange and Tools & Methodologies – the fundamental elements of an information security programme.
- ISEA3402 – International Standard on Assurance Engagements. International outsouring standard. ISAE 3402 was developed to provide an international assurance standard for allowing public accountants to issue a report for use by user organizations and their auditors (user auditors) on the controls at a service organization that are likely to impact or be a part of the user organization’s system of internal control over financial reporting.
- ISO – Internation Organisation for Standardization. ISO develops high quality voluntary International Standards which facilitate international exchange of goods and services, support sustainable and equitable economic growth, promote innovation and protect health, safety and the environment.
- NIST – National Institute of Standards and Technology. To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
- NSSC – National Cyber Security Centre. The NCSC was set up to help protect our critical services from cyber attacks, managing major incidents and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations.
- NOREA – The organisation for IT-Auditors. The qualified IT auditor provides impartial assessment and advice on the quality aspects of IT, aspects such as reliability, security, continuity, confidentiality, efficiency and effectiveness.
- OSA – Open Security Architecture – The control catalog in OSA is currently based upon NIST 800-53. There is a mapping available against ISO17799, and other prominent standards. We feel this is the best control catalog available for the IT industry. This catalog can be used without restriction.
- OWASP – Open Web Application Security Project. The free and open software security community.
- SAS70 – Statement on Auditing Standards (SAS) No. 70, Service Organizations. A service auditor’s examination performed in accordance with SAS No. 70 (also commonly referred to as a “SAS 70 Audit”) represents that a service organization has been through an in-depth examination of their control objectives and control activities, which often include controls over information technology and related processes.
- Security NL – All kind of security news in Holland.
- DNB – The Dutch Bank – DNB seeks to safeguard financial stability and thus contributes to sustainable prosperity in the Netherlands. “Toetsingskader Informatiebeveiliging”