This post summarizes information security or cybersecurity control inventories.
List of Information Security Control Catalogues
Information Security Control Catalogues:
- ISO/IEC 27002
- NIST SP 800-53
- OSA Control Catalogue
ISO/IEC 27002
ISO/IEC 27002 is officially titled “Information security, cybersecurity and privacy protection — Information security controls”, but it can be summarized as “Information security controls“.
https://www.iso.org/standard/75652.html
NIST SP 800-53
NIST Special Publication 800-53, abbreviated as NIST SP 800-53 or NIST 800-53, is a standard developed by NIST CSRC. Its title is “Security and Privacy Controls for Information Systems and Organizations”.
https://csrc.nist.gov/Projects/risk-management/sp800-53-controls/release-search#/
OSA Control Catalogue
Open Security Architecture (OSA) includes a control catalogue. As of 2022, its latest release is 11.02. It is based on NIST SP 800-53.
https://www.opensecurityarchitecture.org/cms/library/0802control-catalogue
[…] Information Security Controls […]