Progressive security organizations such as ISSA and ASI are beginning to align with traditional organizations such as ISACA to bridge the gap between exisitng engineering process and control standards.  In the meantime, however, what practitioners want to know is what standards are out there that can be used to meet the security challenges of today and how well do the standards they have already implemented support good security practice?

This site, therefore, has established an area for engineering standards comparison, including notes as to how the standard addresses security. Entries use the Magee-Tripp comparison grid found in Software Engineering Standard and Specifications: An Annotated Index and Directory (Global Engineering Documents, 1994)

Select security standards are also compared, using an adapted grid format.

Consult the following link to navigate to                    Standards Comparison

Back to Standards & Best Practices