close

What Is Truth to Power?

[+/-] A research and advisory resource...
dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.
[+/-] An open forum and community...
built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.
[+/-] A plexus nexus...
a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.
[+/-] A rebellion...
against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.
Top Panel
WHAT IS T2P?
Top Panel
T2P Rules & Standards Hub
* Maps & Crosswalks  (17)
Comparative analyses of major rules, frameworks, and standards.
Anti-Spam  (1)
Guidance and regulations related to commercial electronic mailing.
Audit & Assessment  (21)
Audit guides, checklists, and self-assessment tools for information management controls, critical infrastructure, information security, and more.
Business Continuity, Contingency & Disaster Planning  (4)
Rules, standards, and frameworks that aim to reduce the adverse impact of both known and unknown contingencies on operational and business processes.
Change & Patch Management  (1)
Rules and guidance related to technology changes, patch management, segregation of duties in development environments, and related issues.
Development & Architecture, Technical  (6)
Guidance and standards for application development lifecycles, secure coding, and other technical efforts.
Governance & Risk Management  (13)
Standards, frameworks, and rules for risk management, high-level oversight, and business and operational governance.
Information & Operational Protection  (64)
Rules and guidance for security, integrity, and confidentiality of information and operations, including privacy guidelines that indicate broad-reaching data management practices.
Maturity Models  (3)
Guidelines for assessing the completeness, soundness, and organizational integration of IT and information management and control practices.
Records, Content & Data Management  (4)
Rules and guidance for the retention and longer-term accessibility of business records and other electronic content.
Technology Sourcing & Investment Management  (5)
Guidance on reducing risks and improving value in the acquisition and development of technology, including service-provider and outsourcing management.