Information technology — Security techniques — Information security management systems — Requirements, html, ISO/IEC 27001
Information technology — Security techniques — Code of practice for information security controls, html, ISO/IEC 27002
ISO/IEC 27018:2019 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO/IEC 27017:2015 Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services
ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, html, ISO/IEC 27018
Information technology — Security techniques — Information security in supplier relationships — Part 1: Overview and concepts, html,ISO/IEC 27036-1
Information technology — Security techniques — Information security in supplier relationships — Part 2: Requirements,html, ISO/IEC 27036-2
Information technology — Security techniques — Information security in supplier relationships — Part 3: Guidelines for information and communication technology supply chain security,html,ISO/IEC 27036-3
Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of cloud services, html, ISO/IEC 27036-4
DoD Instruction 8500.01 Cybersecurity
Chairman of the Joint Chiefs of Staff Manual 6510.01B Cyber Incident Handling Program
Executive Order 13526 Classified National Security Information
DoD Cloud Computing Security Requirements Guide (SRG)
Security Technical Implementation Guide (STIG)
Official DoD Issuances/Instructions
Federal Risk and Authorization Management Program (FedRAMP)
CNSSI 1253: Security Categorization and Controls Selection for National Security Systems
CNSSI 4009: National Information Assurance (IA) Glossary
NIST SP 800-59: Guideline for Identifying an Information System as a National Security System
NIST SP 800-88 Revision 1: Guidelines for Media Sanitization
NIST SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing
NIST SP 800-145: Definition of Cloud Computing
NIST SP 800-146: Cloud Computing Synopsis & Recommendations
NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations