T2P Rules & Standards Hub

Project Objective: A comprehensive directory of guidance for improving information and IT governance.

Category: Maps & Crosswalks

Comparative analyses of major regulations, frameworks, and standards.

Category: Audit & Assessment

Audit guides, checklists, and self-assessment tools for information management controls, critical infrastructure, information security, and other operational areas.

Category: Business Continuity & Disaster Planning

Rules, standards, and frameworks that aim to reduce the adverse impact of both known and unknown contingencies on operational and business processes.

Category: Change & Patch Management

Rules, standards, and other guidance related to technology changes and patches, segregation of duties in development environments, and related issues.

Category: Communications

Guidance and regulations related to commercial electronic mailing and other business communications.

Category: Governance & Risk Management

Standards, frameworks, and rules for risk management, high-level oversight, and business and operational governance.

Category: Information & Operational Security

Rules and guidance for protection of the security, integrity, and confidentiality of information and operations, including privacy guidelines with relation to general data management practices.

Category: Maturity Models

Guidelines for assessing and driving the completeness, soundness, and organizational integration of IT and information management and control practices.

Category: Measurement & Metrics

Methods, checklists, and standards for the quantification and qualification of operational efficiency and effectiveness.

Category: Record, Content & Data Management

Rules and guidance for the retention and longer-term accessibility of business records and other electronic content.

Category: Technology Development & Architecture

Guidance and standards for application development lifecycles, secure coding, and other technical efforts.

Category: Technology Sourcing & Investment Management

Guidance on reducing risks and improving value in the technology acquisition and development, including vendor and outsourcing management.