IT Security Regulations

This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. To read a more general post about compliance on general IT security regulations, visit this post. If you want to know regulations…

Infrastructure as Code

Infrastructure as Code (IaC) is the process of managing and provisioning computer data center resources through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. IaC is a technology that is related to configuration management. You can…

IT Supplier Risk Management

This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). This post can be considered part of the series about supply chain IT security. Related terms are provider management and IT…

IT Vulnerability Scoring Systems

This post features scoring systems for IT vulnerabilities. List of Vulnerability Scoring Systems These are the resources for vulnerability scoring systems: The most popular is CVSS. CVSS Common Vulnerability Scoring System (CVSS) is an open standard that provides an open…