CH 13 Information Security Standards

American National Standards Institute (ANSI)

ensure the safety and health of consumers and the protection of the environment Produces standards that affect nearly all aspects of IT but primarily software development and computer system operation

World Wide Web Consortium (W3C)

main international standards organization for the World Wide Web Develops protocols and guidelines that unify the web and ensure its long-term growth

Institute of Electrical and Electronics Engineers (IEEE)

nonprofit organization that focuses on developing and distributing standards that relate to electricity and electronics Provides training and educational opportunities covering a wide number of engineering topics

Request for Comments (RFC)

A document that ranges from a simple memo to several standards encourages collaboration and peer review

Internet Architecture Board

An important subcommittee of the IETF that has substantial influence over many standards that affect the Internet

Payment Card Industry Data Security Standard (PCI DSS)

An international standard for handling transactions involving payment cards

Internet Engineering Task Force (IETF)

Develops and promotes Internet standards Focuses on the engineering aspects of Internet communication

European Telecommunications Standards Institute (ETSI) Cyber Security Technical Committee (TC CYBER)

Develops standards for information and communications technologies (ICT) that are commonly adopted by member countries in the European Union Standards cover both wired and wireless communication technologies security issues related to the Internet and the business communications it transports

National Institute of Standards and Technology (NIST)

Federal agency within the U.S. Department of Commerce Provides standards for measurement and technology on which nearly all computing devices rely

Information Security Standards

Necessary to create and maintain a competitive market for hardware and software vendors Guarantee compatibility between products from different countries

International Organization for Standardization (ISO)

Nongovernmental international organization to develop and publish international standards for nearly all industries Serves as a bridge between the public and private sectors

International Telecommunication Union Telecommunications Sector (ITU-T)

United Nations agency responsible for managing and promoting information and technology issues responsible for ensuring the efficient and effective production of standards covering all fields of telecommunications for all nations

International Electrotechnical Commission (IEC)

Works with the ISO preeminent organization for developing and publishing international standards for technologies related to electrical and electronic devices and processes