Top 10 IT Risk Frameworks and Resources

I have an entire folder full of risk frameworks that I draw from for inspiration when I’m performing a risk assessment or internal audit project. Here’s a few links that I hope you find helpful.

If you have something useful not listed below please share in the comments!

NIST Cybersecurity FrameworkHere
NIST Cloud Computing FrameworkHere
NIST Computer Security FrameworkHere
OWASP (infinite information on Web App Security)Here
ISACA IT Governance FrameworkHere
ISO 27000 Series (IT Security)Here
AICPA SOC 2 FrameworkHere
SANS Critical Security ControlsHere
FFIEC on CybersecurityHere
HIPAA FrameworksHere and Here

3 thoughts on “Top 10 IT Risk Frameworks and Resources

Leave a Reply