Information Assurance Standards (2020)

From CyberEdWiki
Revision as of 22:07, 21 November 2019 by GeralynUH (Text replacement - "To complete this KU, students should be able to:" to "After completing the KU, students will be able to:")

The intent of the IA Standards Knowledge Unit is to provide students with an understanding of the common standards related to information assurance.


After completing the KU, students will be able to:

  1. Compare and contrast different types of standards, including laws, regulations, policies, voluntary standards, and framework-based standards.
  2. Map the processes for creating and/or changing different types of standards.
  3. Describe the impact of legal/regulatory standards on a given system.
  4. Describe how standards may be applied and assessed for a sub-contractor or customer.
  5. List and describe key provisions of common standards.


  1. Laws
    1. HIPAA
    2. FERPA
    3. Sarbanes-Oxley
    4. FISMA
    5. Data breach disclosure laws
  2. Regulations
    1. FIPS 199, 200
    2. NIST SP Series, including 800-53
    3. FDA 21 CFR parts 806 and 820
    4. NERC CIP
    5. Rainbow Series
  3. Commercial Standards
    1. PCI/DSS
  4. Open Standards
    1. OWASP


NICE Framework Categories

CSEC 2017 Categories

Specialization Areas

See also

Related Knowledge Units

Further reading

Suggested textbooks

Suggested academic readings

The Rainbow Series

Sample knowledge test

Sample skills test

Sample abilities test

Additional notes or materials


Reference ID