The Reference Guide provides a list of standards development bodies and standards-related terminologies:
Alphabetical listing of Standards development bodies and Standards-related terminologies
including acronyms and abbreviations
A B C D E G I M N O P S T U V W
Acronym Directory
Alphabetized by acronym, this directory will help
you identify the full name of standards developers referenced in this site.
Also indicates whether the developer has been accredited by ANSI.
Alliance
for Telecommunications Industry Solutions (ATIS)
The ATIS is a U.S.-based organization that promotes
and develops technical and operations standards for the communications and
related information technologies industry worldwide. Some of the current
activities include developing interoperability and interconnections standards
between IPTV systems and services, and Next-Gen network standardization effort.
American
Association for Artificial Intelligence
The American Association for Artificial Intelligence (AAAI) is a nonprofit
scientific society devoted to advancing the scientific understanding of the
mechanisms underlying thought and intelligent behavior and their embodiment in
machines. AAAI also aims to increase public understanding of artificial
intelligence.
American
National Standards Institute (ANSI)
Promotes the use of U.S. standards internationally, advocates U.S. policy and
technical positions in international and regional standards organizations, and
encourages the adoption of international standards as national standards where
these meet the needs of the user community. ANSI accredits Standards Developing Organizations (SDOs) domiciled in
the United States. One can also find information and training on the standards
development process.
American
Society of Industrial Security (ASIS)
The largest international educational organization for security professionals,
with over 30,000 members worldwide. ASIS is dedicated to increasing the
effectiveness and productivity of security professionals by developing educational
programs and materials that focus on both the fundamentals and the most recent
advancements in security management.
American
Society for Civil Engineers (ASCE)
The Codes and
Standards Program of ASCE develops consensus standards on a variety of topics
for the civil engineering profession.
American Society of Mechanical
Engineers (ASME)
ASME
produces and maintains approximately 600 codes and standards, covering a
multitude of technical areas including boiler components, elevators, hand
tools, fasteners, and machine tools.
American Society for Testing and
Materials (ASTM)
ASTM International is a
voluntary standards development organization for technical standards for
materials, products, systems, and services. ASTM International standards have
an important role in the information infrastructure that guides design,
manufacturing and trade in the global economy.
British Computer Society (BCS)
The chartered body for IT professionals. The Society is concerned with the
development of computing and its effective application. Under its Royal Charter
granted in 1984, it also has responsibilities for education and training, for
public awareness, and above all for standards, quality and professionalism.
British
Standards Institute (BSI)
BSI ensures the views of British industry are represented in international
standards bodies. BSI's BS7799 (part 1) is the model for the ISO 17799 IT
security standard.
CANADIAN STANDARDS
ASSOCIATION (CSA)
The
CSA develops standards in Canada focusing on areas such as
electrical/electronics, public
safety and health and environmental protection.
CanCERT (Canada)
CanCERT is Canada's first national Computer Emergency Response Team. CanCERT is
committed to client confidentiality and the improvement of IT security.
Communications
Security Establishment (CSE) - Canada
The Communications Security Establishment (CSE) is a federal government lead
agency that delivers Information Technology Security (ITS) solutions to the
government of Canada. It features the Common Criteria Evaluation and
Certification Scheme (CCS), which is a Canadian independent third party
evaluation and certification service for measuring the trustworthiness of IT
security products.
Communications Security Establishments (CSE)
A Canadian organization dealing with Information Technology Security (ITS)
(Government of Canada public key infrastructures, Annual Canadian ITS
symposium, Awareness and education, Government of Canada ITS Strategy).
Computer Ethics Institute
CEI is a nonprofit research, education and policy study organization formed to
address ethical issues emerging from the rapid development of a society
dominated by information and dramatically affected by technologies.
COSO Enterprise Risk Management Integrated Framework
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise
Risk Management – Integrated Framework describes the essential
components, principles, and concepts of enterprise risk management (ERM). The
principles-based framework enables organizations to identify all aspects that
should be present in their ERM program and describes how they should be
implemented.
Electronic
Industries Alliance - USA
The Electronic Industries Alliance (EIA) is a national trade organization that
includes U.S. manufacturers, representing more than 80% of the $550 billion
electronics industry. The Alliance is a partnership of electronic and high-tech
associations and companies whose mission is promoting the market development
and competitiveness of the U.S. high-tech industry through domestic and
international policy efforts. EIA comprises more than 2,300 member companies
whose products and services range from the smallest electronic components to
the most complex systems used by defense, space and industry, including the
full range of consumer electronic products. The industry provides more than 2
million jobs for American workers.
European Telecommunications Standards Institute (ETSI)
A private sector standards development organization accredited by the European Union to write Pan-European standards for Telecommunications.
ETSI - Telecom Standards
A non-profit makin organization whose mission is to produce the telecommunications standards that will be used for decades to come throughout Europe and beyond.
European Union (EU) Dependability
Development Support Initiative
Information about the Dependability Development Support Initiative (DDSI), an
18-month European Union project that developed critical infrastructure
protection assessment plans for the EU member nations, in conjunction with the
United States, Japan, and other European nations. The DDSI site provides
information and papers on project findings and recommendations, including
establishing networks of interest, providing security baseline data, and
devising policy roadmaps. DDSI held its final conference in Brussels in Oct.
2002.
European Commission (EC)
Seeking to identify a common standard for all Europe for IT security.
European Computer
Manufacturers Association (ECMA)
An international, Europe-based industry association founded in 1961 and
dedicated to the standardization of information and communication systems.
Federal
Aviation Administration (FAA)
The
FAA provides information and status on more than 5,000 FAA, DOD, military, and commercial
standards and specifications used by the FAA in contracts, Information
Technology (IT), architecture, acquisition, etc. What is the current version of
an FAA standard? Which standards apply to Info Security?
Generally
Accepted System Security Principles Committee (GASSP)
Formed in response to the report "Computers at Risk," published by
the U.S. National Research Council in 1990. That recommendation, "To
promulgate comprehensive generally accepted system security principles,"
sparked the genesis of a concerted effort to establish a well-balanced
committee population representing key elements of the private and public
sectors from both the United States and abroad. A subsidiary of International
Information Security Foundation (I2SF). GASSP Pervasive Principles
and Broad Functional Principles are now published on the MIT Web site. Printed
copies are available from Auerbach Publishers and the Computer Security
Institute.
German Information Technology
Baseline Protection Manual
The German Federal Agency for Security in IT (BSI - Bundesamt fur Sicherheit in
der Informationstechnik) provides the IT Baseline Protection Manual in German
and English (freely downloadable 1680-page PDF). In five main sections: 1 -
introduction & how to map an IT infrastructure to the manual; 2 - threat
scenarios & safeguards; 3 - threat catalog; 4 - safeguard catalog; 5 -
Annexes, supplementary aids, forms, brief descriptions of tools, and list of
registered users.
Globalspec
The above is a search Website and
may be used to locate products and services, learn about suppliers, and access
technical content on standards, patents, specifications, designs, application
notes and more.
Gold
Standard for Windows 2000 Professional
Consensus minimum security benchmarks for the Windows 2000 Professional
operating environment are accepted by the U.S. National Security Agency (NSA),
Defense Information Systems Agency (DISA), the National Institute for Standards
and Technology (NIST), the National Infrastructure Protection Center (NIPC),
the General Services Administration (GSA), the SANS Institute, and the Center
for Internet Security. (See DISA IANewsletter: Gold Standard for Windows
2000 Professional.)
Guidelines for the Security of Information Systems (OECD)
In 1990, the Information, Computer and Communications Policy (ICCP) Committee
of the Organisation for Economic Cooperation and Development (OECD) created a
group of experts to prepare information security guidelines. The final version
of the Guidelines for the Security of Information Systems was adopted by the 24
OECD Member countries in November 1992. OECD Guidelines have been adopted or
adapted by NIST, GASSPC, IFAC, IIA, NACD, and other organizations.
Information Security Forum (ISF)
ISF is an independent association of organizations concerned with protecting
business information and finding practical solutions to information security
problems. ISF offers research publications on security topics, an annual
congress, and a bi-annual information security status survey.
Institute for
Security and Open Methodologies (ISECOM)
The Institute for Security and Open Methodologies (ISECOM) provides collective
information and tools under the open source licenses for free public use. This
information is provided via the Internet and through social venues and
conferences. ISECOM is a think-tank for developing new open standards and
methodologies largely in security. All standards are open for international
peer-review and are regularly updated to meet the demands of new technologies
and the processes derived from them. The site provides news, mail list server,
educational events, discussion forum, and certification.
Institute for
the Certification of Computing Professionals (ICCP)
Dedicated to the establishment of high professional standards for the computer
industry, it promotes these standards by offering the only broadly applicable
and internationally recognized certification program in the profession. Its
examinations provide a practical means of assessment and achieving professional
recognition.
Institute
of Electrical and Electronics Engineers (IEEE)
The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) is the
leading developer of global industry standards in a broad-range of industries,
including Information Technology, Power and Energy, Telecommunications,
Transportation, Medical and Healthcare and Standards for new and emerging
technologies such as Nanotechnology. In addition, to advance the theory and practice of electrical,
electronics and computer engineering and computer science, IEEE sponsors conferences and symposia
and meetings and publishes significant technical papers and standards. The IEEE developed the
prominent 802® Standards for Local and Metropolitan Area Network Wireless and
Wired networks. The 802® standards are available for free download from the
Get IEEE 802® Website.
IEEE has forty-two technical societies and technical councils many of which have groups actively working on developing standards. Here is a listing of several key groups who have publicly viewable websites.
- IEEE Communications Society - It is a community comprised of a diverse group of industry professionals with a common interest in advancing all communications technologies. The Society sponsors publications, conferences, educational programs, local activities, technical committees, and standards.
- IEEE Computer Society - Among its many technical activities it has a very active standards development organization lead by its Standards Activities Board (SAB) that provides an organizational framework and conducive environment within which to develop broadly accepted, sound, timely, and technically excellent standards that will advance the theory and practice of computing and information processing science and technology.
- IEEE EMC Society – The IEEE Electromagnetic Compatibility Society (EMC) is the primary international developer of fundamental test and measurement standards for EMC
- IEEE Power Engineering Society – Like it’s sister societies, it sponsors publications, conferences, educational activities, technical committees, and standards. The focus of the standards is on generation, transmission and distribution of electrical power.
- IEEE 802 Standards Committee - develops Local Area Network standards and Metropolitan Area Network standards. The most widely used standards are for the Ethernet family, Token Ring, Wireless LAN, Bridging and Virtual Bridged LANs. An individual Working Group provides the focus for each area.
IEEE
also offers a wealth of material on the standards development process. Here are
a few useful Websites:
Institute of
Electrical Engineers (IEE)
Represents the public, professional and educational interest of over 140,000
electrical, electronic and manufacturing engineers worldwide. Key activities
include publishing, the organization of conferences, maintenance of technical
standards, interaction with government departments and the provision of
scientific and technical information services.
International Electrotechnical Commission (IEC)
Provides information on
electrical, electronic, electrotechnical international standards.
International Organization for
Standardization (ISO)
ISO is a network of the national standards institutes of 148 countries, on the
basis of one member per country, with a Central Secretariat in Geneva,
Switzerland, that coordinates the system.
Well known for ISO 9000 and ISO14000 standards.
International Telecommunications
Union (ITU)
The ITU headquartered in Geneva, Switzerland is an international organization where governments and the private sectors coordinate global telecom networks and services. It is a leading publisher of telecommunication technology, regulatory and standards information. It has three sectors: ITU-T, ITU-R, and ITU-D.
- The ITU-T membership develops recommendations for standards for the various fields of international telecommunications. ITU-T Study Group 19 focus on mobile telecommunication networks and is the lead study group on mobile telecommunication networks and for mobility. Including identification of existing and evolving IMT-2000 systems such as GSM, CDMA2000 and WCDMA.
- The ITU-R plays a role in the management of the RF spectrum and satellite orbits, finite natural resources which are increasingly in demand from a large number of services such as fixed, mobile, broadcasting, amateur, space research, meteorology, global positioning systems, and environmental monitoring.
- The ITU-D facilitates connectivity and access, foster policy, regulatory and network readiness, and formulates financing strategies for telecommunications development and e-enable enterprises in developing countries.
International
Webmasters Association
Provides and fosters professional advancement opportunities among individuals
dedicated to or pursuing a Web career, and to work diligently to enhance their
effectiveness, image, and professionalism as they attract and serve their
clients and employers.
Internet
Engineering Task Force (IETF)
The Internet Engineering Task Force (IETF) is a large open international
community of network designers, operators, vendors, and researchers concerned
with the evolution of the Internet architecture and the smooth operation of the
Internet.
Internet
Security Alliance
The Internet Security Alliance (ISAlliance) provides a forum for sharing
information about information-security issues and threats and works to identify
and standardize security best practices and solutions. ISAlliance is a
collaboration between the Electronic Industries Association and Carnegie Mellon
University’s CERT Coordination Center and Software Engineering Institute.
Internet Society
(ISOC)
The Internet Society (ISOC) is a professional membership society with more than
150 organization and 11,000 individual members in more than 182 countries. It
provides leadership in addressing issues that confront the future of the
Internet, and is the organization home for the groups responsible for Internet
infrastructure standards, including the Internet Engineering Task Force (IETF)
and the Internet Architecture Board (IAB).
ISF Standard of Good Practice for Information Security
The Standard of Good Practice for Information Security is produced by the
Information Security Forum (ISF), an international membership association of
more than 260 organizations, which fund and cooperate in the development of
research in information security. The free publication promotes good practice
in information security worldwide, helps organizations improve their level of
security and reduce their information risk to an acceptable level, and assists
in the development of practical and effective standards for reducing
information risk.
Managing
Standards
This article provides guidance and proposes a common solution of
"what-is" required to 'Manage and Control large and complex technical
systems' from their concept to de-commissioning.
National Electrical
Manufacturers Association (NEMA)
NEMA publishes over 500 standards and offers them for sale through
Global Engineering,
along with certain standards originally developed as American National
Standards Institute (ANSI) or International Electrotechnical Commission (IEC)
standards.
National
Fire Protection Association (NFPA)
NFPA develops, publishes, and disseminates
more than 300 consensus codes and standards to help minimize the possibility
and effects of fire and other risks.
National
Information Standards
Develops and promotes technical standards used in a wide variety of information
services.
National
Institute of Standards and Technology (NIST)
NIST technology, measurements, and standards help U.S. industry invent and
manufacture superior products reliably, ensure a fair marketplace for consumers
and businesses, and promote acceptance of U.S. products in foreign markets.
National
Physical Laboratory
UK's national measurement standards laboratory. It holds and maintains the UK
reference standards for the basic units of mass, length, time, temperature,
luminous intensity, and electrical current, as well as many of the derived
units. It also undertakes research and development to meet the needs of new
industries, such as information technology and materials.
National Security
Institute
The National Security Institute's Web site features industry and product news,
computer alerts, travel advisories, a calendar of events, a directory of
products and services, and access to a virtual security library. Security
technology, legislation, intelligence community, and terrorism.
NSSN: A National
Resource for Global Standards
Provides standards information to a broad constituency. Acts as a one-stop
information repository.
OASIS
The Organization for the Advancement of Structured Information Standards
(OASIS) is an industry consortium that develops technical standards for
electronic business applications. OASIS developed the extensible markup
standard (XML) and continues to develop XML specifications for many
applications.
OECD Guidelines for the Security of Information Systems, 1992
A foundation upon which countries and the private sector, acting independantly
or in concert, may construct a framework for security of information systems.
GASSP, IFAC, and NIST principles are based on these guidelines.
Open Group
The Open Group is an international vendor and technology-neutral,
not-for-profit consortium offering organizations concerned with open
information infrastructures a forum to share knowledge, integrate open
initiatives, and certify approved products and processes in an impartial
manner. Open Group offers certification, testing, forums, initiatives, conferences,
research, and membership.
Open Platform
for Security (OPSEC)
OPSEC is an open, multi-vendor security framework for providing best-of-breed
integrated applications and deployment platforms. Lead company Checkpoint
Systems offers two product interoperability certification programs, "Check
Point OPSEC Certified" for applications and "Secured by Check
Point" for platforms.
PictureTel Standards Page
Provides information on videoconferencing standards and telecommunications
standards, and is intended to provide the standards community with a single
point of access to the many industry activities associated with the development
of videoconferencing standards.
Project
Management Institute (PMI)
PMI is a nonprofit professional association in the area of project management.
PMI establishes standards, provides seminars, educational programs, and
professional certification for project leaders.
Scientific and
Technical Information Network (STINET)
Public STINET provides access to
citations of unclassified unlimited documents that have been entered into the Defense Technical Information Center’s
(DTIC) technical reports collection from December 1974, as well as the
electronic full-text of many of these documents. Public STINET also provides
access to the DoD Index to Specifications and Standards. Users may access
specifications and standards located on the Defense Automation &
Production Service (DAPS) database. DTIC also makes available sensitive and classified
information to eligible
users.
Security Industry Association (SIA)
The Security Industry Association (SIA), an international trade association
with more than 300 member companies representing manufacturers, distributors,
service providers, and integrators, promotes growth, expansion, and
professionalism within the security industry. SIA provides education, research,
technical standards, representation, and defense of members’ interests. SIA
members are involved in market segments such as, CCTV, access control,
biometrics, computer security, fire/burglar alarms, and home automation.
Members work together to address issues facing the industry and develop
programs to enhance the environment in which they sell products and services.
Security Requirements for Cryptographic Modules, FIPS 140-2
Security requirements cover 11 areas related to the design and implementation
of a cryptomodule. Within most areas, a cryptomodule receives a security level
rating (1-4, from lowest to highest), depending on what requirements are met.
For other areas that do not provide for different levels of security, a
cryptomodule receives a rating that reflects fulfillment of all of the
requirements for that area.
Software
Process Improvement and Capability Determination
A major international initiative to develop a Standard for Software Process
Assessment.
Techstreet
Provides industry standards and technical books from hundreds of organizations.
Many are downloadable pdf files.
Telecommunications
Industry Association (TIA)
The TIA is an U.S. trade
association assisting the member companies in communications and information
technology industry in market development, trade shows, domestic and
international advocacy, standards development and enabling e-business.
The Web
Standards Project
A coalition of web developers and users with the mission to "stop the fragmentation
of the web, by persuading browser makers that standards are in everyone's best
interest."
Underwriters
Laboratories (UL)
UL
has developed more than 800 Standards for Safety. Millions of products and
their components are tested to UL’s safety standards.
U.S. Department
of Defense - Specifications and Standards (DoDISS)
Full text DoD Specifications and Standards located on the
Defense Automated Printing Service (DAPS), eAccess database. Full text
documents available in Portable Document Format.
U.S. Department of Energy (DOE) Technical Standards
The mission is to enhance DOE's transition to a standards-based culture by
providing information, coordinating activities, and promoting the use of
consensus standards, and when needed, the development of DOE technical
standards.
U.S. Environmental Protection
Agency
EPA works to develop and enforce regulations that
implement environmental laws enacted by the U.S. Congress. EPA is responsible
for setting national standards for a variety of environmental programs, and
delegates to states and tribes the responsibility for issuing permits and for
monitoring and enforcing compliance. Where national standards are not met, EPA
can issue sanctions and take other steps to assist the states and tribes in
reaching the desired levels of environmental quality.
U.S. Government
Auditing Standards
Government Auditing Standards (The Yellow Book) Links to current Government
Auditing Standards, exposure drafts currently out for comment, and related
information. Provides an electronic codification of Government Auditing
Standards. See: www.gao.gov, click through Publications.
U.S. National
Information Assurance Partnership (NIAP)
The National Information Assurance Partnership (NIAP) is a U.S. Government
initiative to meet the security testing needs of IT producers and users. The
program is intended to foster the availability of objective measures and test
methods for evaluating the quality of IT security products, and the development
of commercial testing laboratories that can provide the testing and evaluation
services to meet the demands of producers and users. The program should help
producers increase the value and competitiveness of their products in the U.S.
and abroad through the availability of formal, independent testing and
certificates of validation. NIAP efforts will help public and private sectors
users by providing a sound and reliable basis for the evaluation, comparison,
and selection of security products.
Video Electronics Standards Association
To promote and develop timely, relevant, open display and display interface
standards, ensuring interoperability, and encouraging innovation and market
growth.
Wireless Ethernet Compatibility Alliance, The (WECA)
The Wireless Ethernet Compatibility Alliance (WECA) mission is to certify
interoperability of Wi-Fi (Wireless Fidelity, IEEE 802.11) products and to promote
Wi-Fi as the global wireless LAN standard across all market segments. Site
provides articles, press releases, case studies, backgrounder, studies/reports,
photos, videos, briefings & presentations.
World Wide Web Consortium
(W3C)
The World Wide Web Consortium (W3C) develops interoperable technologies
(specifications, guidelines, software, and tools) to lead the Web to its full
potential as a forum for information, commerce, communication, and collective
understanding. This page provides W3C news plus links to information about W3C
technologies and getting involved in W3C.
Last Revised
27 October 2005
|
