Relevant Norms, Standards & Best Practices
Information security:
  • ISO 27000 series of standards on information security
  • OECD Guidelines for the Security of Information Systems and Networks
  • Österr. IT-Sicherheitshandbuch (Austrian IT security handbook)
  • Grundschutzhandbuch of the German BSI
  • Documents of the NSA (U.S. National Security Agency)
  • ENISA security documents

IT audit/IT controls:

  • The COBIT Framework (ISACA)
  • COSO Enterprise Risk Management Framework (COSO II)

IT Service Management:

  • ISO 20000-1/20000-2:2005 "Information technology - Service management - Part 1: Specification, Part 2: Code of practice"
  • The IT Infrastructure Library - "ITIL" (OGC)
  • TelemanagementForum eTOM/SID/NGOSS

Process maturity assessment:

  • ISO 21827 (System Security Engineering - Capability Maturity Model SSE-CMM)
  • ISO/IEC 16085:2006 Systems and Software Engineering — Life Cycle Processes — Risk Management
  • ISO 15504 (SPiCE) Process Assessment

Risk management:
  • ISO 27005 "Information technology - Information security risk management"
  • ISO 31000 Risk Management – Guidelines for principles and implementation of risk management
  • IEC/DIS 31010 "Risk management -- Risk assessment guidelines"
  • ONR 49000 series of standards on risk management
  • COSO Enterprise Risk Management Framework (COSO II)
  • RMA standard "Risiko- und Chancenmanagement" (risk and opportunity management)
  • DIN 25424 fault tree analysis
  • MaRisk (Germany)

Business/Service Continuity Management:

  • BS 25999-1:2006 "Code of practice for business continuity management"
  • BS 25999-2:2007 "Specification for business continuity management"
  • PAS 77:2006 "IT Service Continuity Management"
  • BS 25777:2008 "Information and communications technology continuity management - Code of practice"
  • ISO 20000-1/20000-2:2005 "Information technology - Service management - Part 1: Specification, Part 2: Code of practice"
  • ISO 24762:2008 "Information technology -- Security techniques -- Guidelines for information and communications technology disaster recovery services"
  • BSI-DE Standard 100-4 "Notfallmanagement" (emergency management)
  • ISO/PAS 22399:2007 "Societal security – Guideline for incident preparedness and operational continuity management"
  • ENISA continuity documents

Quality management:
  • ISO 9001
  • TL 9000 (ISO 9001 QMS for the telecommunications industry)