Information Assurance Standards (2020)

From CyberEdWiki

The intent of the IA Standards Knowledge Unit is to provide students with an understanding of the common standards related to information assurance.


To complete this KU, students should be able to:

  1. Compare and contrast different types of standards including: laws, regulations, policies, voluntary, and framework-based standards.
  2. Map the processes for the creation and/or changes to different types of standards.
  3. Describe the impact of legal/regulatory standards on a given system.
  4. Describe how standards may be applied and assessed for a sub-contractor or customer.
  5. List and describe key provisions of common standards.


  1. Laws
    1. HIPAA
    2. FERPA
    3. Sarbanes-Oxley
    4. FISMA
    5. Data breach disclosure laws
  2. Regulations
    1. FIPS 199, 200
    2. NIST SP Series, including 800-53
    3. FDA 21 CFR parts 806 and 820
    4. NERC CIP
    5. Rainbow Series
  3. Commercial Standards
    1. PCI/DSS
  4. Open Standards
    1. OWASP


Specialization Areas

See also

Related Knowledge Units

Further reading

Suggested textbooks

Suggested academic readings

The Rainbow Series

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID