close

What Is Truth to Power?

[+] A research and advisory resource...

dedicated to bridging the gaps between governance and practice, technology and business, regulation and control, risk management and real market pressures, and your own knowledge and the knowledge of your peers.

[+] An open forum and community...

built to create a common pool of knowledge—one big brain—that lets you work more efficiently, build technology and business practices more effectively, and endure audits more effortlessly.

[+] A plexus nexus...

a neutral hub through which you can reach many valuable information nodes, resource collections, and organizations that are helping people like you already, but in fractured ways.

[+] A rebellion...

against the idea that auditors, analysts, and consultancies can control information simply through their ability to collect and distill it. T2P's goal is to unlock the vast body of knowledge, insight, and conventional wisdom that we all have, make it freely available to you, and help you digest and interpret it—without undue cost, bias, or hype.

Top Panel
WHAT IS T2P?
Top Panel

Tags:NIST

Rules & Standards RSS
Results 21 - 25 of 25 << Start < Prev 1 2 Next > End >>
NIST IR 7298 Rev 1: NIST Information Security Glossary of Key Information Security Terms
Issuer: NIST
TagsNISTsecurityglossarytaxonomystandardgovernment
Country US

This document includes most of the current terms & definitions used in NIST information security publications and those in the CNSS Instruction # 4009 (Glossary of Information Assurance terms). The document is meant to be a reference for Federal gover ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim
NIST SP 800-125: Guide to Security for Full Virtualization Technologies
Issuer: NIST
TagsNISTsecurityvirtualizationstandardgovernment
Country US

NIST Special Publication 800-125 discusses security concerns associated with full virtualization technologies for server and desktop systems, and gives recommendations for addressing these concerns.

Category:Information & Operational Protection
ReviewRecommendPrintReportClaim
NIST SP 800-126 Rev 1: The Technical Specification for the Security Content Automation Protocol (SCAP): SCAP Version 1.1...
Issuer: NIST
TagsNISTsecuritySCAPOCILOVAL
Country US

SCAP consists of a suite of specifications for standardizing the format and nomenclature by which security software communicates information about software flaws and security configurations. SP 800-126 defines and explains SCAP version 1.1, including the ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim
NIST SP 800-113: Guide to SSL VPNs
Issuer: NIST
TagsNISTsecuritySSLVPNstandardgovernment
Country US

US federal standard describing technologies and features of SSL VPNs, how SSL fits within the context of layered network security, and a phased approach to SSL VPN planning and implementation.

Category:Information & Operational Protection
ReviewRecommendPrintReportClaim
NIST Specification for Asset Identification 1.1 (NISTIR 7693)
Issuer: NIST
TagsNISTsecurityasset managementstandardgovernment
Country US

Asset identification plays an important role in an organization's ability to quickly correlate different sets of information about assets. NISTIR 7693 provides the necessary constructs to uniquely identify assets based on known identifiers and/or known in ...

Category:Information & Operational Protection
ReviewRecommendPrintVisitReportClaim
Results 21 - 25 of 25 << Start < Prev 1 2 Next > End >>

T2P RECOMMENDS:

AuditNet logo
AuditNet is an online portal for auditors. Created and run by the venerable Jim Kaplan, the organization's mission is to develop a complete "utility" for audit-related information, products, and services.

T2P RECOMMENDS:

The BeyeNETWORK provides resources and professional community support for business intelligence, performance management, data warehousing, data integration and data quality.

T2P RECOMMENDS:

IIA Logo

The Institute of Internal Auditors (IIA) is a powerful research and guidance organization focusing on audit principles and processes for business and IT functions. IIA guidance related to information control includes the Global Technology Audit Guide (GTAG) series and the Guide to the Assessment of IT Risk (GAIT) series.