Security Program Development

-
Security Program Development

ISO/IEC 27000 Series : International standards on how to develop and maintain an ISMS developed by ISO and IEC.

Enterprise Architecture Development:

    1.     Zachman Framework : Model for the development of enterprise architectures developed by John Zachman.
    2.     TOGAF : Model and methodology for the development of enterprise architectures developed by The Open Group.
    3.     DoDAF : U.S. Department of Defense architecture framework that ensures interoperability of systems to meet military mission goals.
    4.     MODAF : Architecture framework used mainly in military support missions developed by the British Minsitry of Defence.
    5.     SABSA Model : Model and methodology for the development of information security enterprise architectures.
          
      Security Controls Development:

        1.     COBIT 5 : A business framework to allow for IT enterprise management and governance that was developed by Information Systems Audit and  Control Association (ISACA).
        2.     NIST SP 800-53 : Set of controls to protect U.S. federal systems developed by the National Institute of Standards and Technology.
        3.     COSO Internal Control-Integrated Framework : Set of internal corporate controls to help reduce the risk of financial fraud developed by the committee of Sponsoring Organizations (COSO) if the Treadway Commission.

          Process Management Development:

            1.     ITIL : Processes to allow for IT Service management developed by the United Kingdom's Office of Government Commerce.
            2.     Six Sigma : Business management strategy that can be used to carry out the process improvement.
            3.     Capability Maturity Model Integration (CMMI) : Organizational development for process improvement developed by Carnegie Mellon University. (I.R.D.M.O) - Initial, Repeatable, Defined, Managed, Optimized

                  
              ISO/IEC 27000 Series
                1.     ISO/IEC 27000 Overview and vocabulary
                2.     ISO/IEC 27001 ISMS requirements
                3.     ISO/IEC 27002 Code of practice for information security management
                4.     ISO/IEC 27003 ISMS implementation
                5.     ISO/IEC 27004 ISMS measurement
                6.     ISO/IEC 27005 Risk Management
                7.     ISO/IEC 27006 Certification body requirements
                8.     ISO/IEC 27007 ISMS auditing
                9.     ISO/IEC 27008 Guidance for auditors
                10.     ISO/IEC 27011 Telecommunications organizations
                11.     ISO/IEC 27014 Information security governance
                12.     ISO/IEC 27015 Financial sector
                13.     ISO/IEC 27031 Business continuity
                14.     ISO/IEC 27032 Cybersecurity
                15.     ISO/IEC 27033 Network security
                16.     ISO/IEC 27034 Application security
                17.     ISO/IEC 27035 Incident management
                18.     ISO/IEC 27037 Digital evidence collection and preservation
                19.     ISO/IEC 27799 Health organizations

                Comments

                Post a Comment

                Popular posts from this blog

                OIM 11g Custom ADF Application Development

                -
                Image
                In this post , I will cover the steps required to create a custom ADF web application. What this application does is facilitate Account Claim Process. Users has been migrated from some other IAM product to OIM and exist in disabled state and hence cannot login to perform Self Service operations. User needs to identify themselves by providing their personal details like personal identification number, zip code and dob etc. After successfully Identifying themselves they will be able to set a new password and set their challenge questions and answers. During this process the application will activate their account and set the new password and QnA. At the end of the process, they will be able to login OIM with their new password set. The application has been developed using JDeveloper using ADF technology to render user interfaces and MVC design pattern to keep the concerns separate. Application Structure              ...
                Read more

                OIM OIA Custom Code Integration via Web Services

                -
                This post covers the OIM OIA custom integration via web services. What this integration code does is listen for create or modify event in OIM and if that change is detected for a user profile then propagates it to OIA user in real time. If a user is created in OIM, then create the user in OIA. If a user is modified in OIM, then modify the user in OIA.  OIM changes are detected via Event Handler. OIA web services are invoked to create or modify the user in OIA. OIM Event Handler 1 package com.dubey.deepak.oim.oia.intg; 2 3 import Thor.API.Exceptions.tcAPIException; 4 import Thor.API.Exceptions.tcStaleDataUpdateException; 5 import Thor.API.Exceptions.tcUserNotFoundException; 6 7 import com.dubey.deepak.oim.oia.intg.ItResourceObj; 8 import com.dubey.deepak.oim.oia.intg.OIADBConnector; 9 import com.dubey.deepak.oim.oia.intg.OIAIntegrationConstants; 10 import com.dubey.deepak.oim.oia.intg.OIARequest; 11 import com.dubey.deepak.oim.oia.intg.OIA...
                Read more

                OHS 12c (12.1.3) webgate deployment and configuration

                -
                In this post, I will cover the deployment and configuration of webgate 12c webgate. OHS 12c comes pre-bundled with a webgate so we don't have to separately download and install any webgate. If you have installed OHS then you have a webgate which you can configure to protect OHS. Also there is no gui screens involved as all configurations are done via command line tools. In the previous post i covered installation and configuration of OHS 12c. This post builds on top of that. Step 1 deploy webgate ./deployWebGateInstance.sh -w /OHS_12c_WEBSERVER_HOME/webserver/instances/instance1/config/fmwconfig/components/OHS/ohs1 -oh /OHS_12c_MW_HOME/ Copying files from WebGate Oracle Home to WebGate Instancedir Step 2 Config webgate export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/OHS_12c_MW_HOME/lib cd /OHS_12c_MW_HOME/webgate/ohs/tools/setup/InstallTools/ ./EditHttpConf -w /OHS_12c_WEBSERVER_HOME/webserver/instances/instance1/config/fmwconfig/components/OHS/ohs1 -oh /OHS_12c_MW_HO...
                Read more