Welcome » IT Booklets » Information Security » Appendix C: Laws, Regulations, and Guidance
* Non-regulatory Resources and are provided to assist in your research and continuing professional education. They are not endorsed, certified, or approved by the FFIEC or its member agencies.
Control Objectives for Information Technology Website at www.isaca.org (The Information Systems Audit and Control Association & Foundation)
Code of Practice for Information Security Management (ISO /IEC 17799) (available at The International Organization for Standards (ISO ) Information Technology Website, www.iso.org/iso/en/CatalogueListPage.CatalogueList)
Information Security -- Security Techniques-Evaluation Criteria for IT Security (ISO /IEC 15408) (available at The International Organization for Standards (ISO) Information Technology Website, www.iso.org/iso/en/CatalogueListPage.CatalogueList)
The National Institute of Standards and Technology (NIST ) Website at www.nist.gov