Major Frameworks and Guidance

Major frame-works and guidance to demonstrate compliance with the laws and regulations

The Information System Audit and Control Association (ISACA) has created Control Objectives for IT (COBIT) that provides guidance on IT governance and controls.

ISO 17799 (also known as ISO/IEC 27002) is a code of practice for Information Security Management, click here for a “plain English” discussion.

Information Technology Infrastructure Library (ITIL) is a comprehensive set of best practices for IT Service management.

Committee of Sponsoring Organizations (COSO) provides guidance for Internal Controls; their full mission is to provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence.