COBIT | Control Objectives for Information Technologies | ISACA
1. *COBIT (Control Objectives for Information and Related Technologies)* – Developed by ISACA, COBIT is a comprehensive framework for IT governance and management.
https://www.isaca.org/resources/cobit
2. *ISO/IEC 27001* – This standard provides requirements for an information security management system (ISMS).
https://www.auditboard.com/blog/iso-27001-audit
3. *ISO/IEC 27002* – This standard offers guidelines for organizational security techniques.
https://en.wikipedia.org/wiki/ISO/IEC_27000_family
4. *ISO 42001* – Focuses on the management of IT security and risk.
https://en.wikipedia.org/wiki/ISO/IEC_27000_family
5. *NIST Cybersecurity Framework (CSF)* – Developed by NIST, this framework helps organizations manage and reduce cybersecurity risk.
https://csrc.nist.gov/pubs/cswp/29/the-nist-cybersecurity-framework-csf-20/final
6. *NIST Risk Management Framework (RMF)* – Provides a process for integrating security, privacy, and risk management into the system development life cycle.
https://www.nist.gov/frameworks
7. *NIST Special Publication 800-53* – Offers security and privacy controls for federal information systems.
https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final
8. *ISACA IT Audit and Assurance Guidelines* – These guidelines support the standards and help practitioners achieve alignment with the standards.
9. *ISACA IT Audit Framework (ITAF)* – Provides guidance on the roles and responsibilities of IT audit and assurance professionals.
https://www.isaca.org/about-us/newsroom/press-releases/2020/isaca-updates-it-audit-framework-itaf
10. *NIST Cybersecurity Assessment Tool (CSET)* – A tool to help organizations assess their cybersecurity posture.
https://www.nist.gov/cyberframework/assessment-auditing-resources