Security Standards
-
Risk Analysis (O-RA), Version 2.0
This document provides a set of standards for various aspects of information security risk analysis.Learn More -
Risk Taxonomy (O-RT), Version 3.0
This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.Learn More -
Open Information Security Management Maturity Model (O-ISM3), Version 2.0
The Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security.Learn More -
Open Secure Mobile Architecture (O-SMA): Reference Architecture and Implementation Guidance
This O-SMA Standard expands on the SMA interoperability and other mobile architecture issues raised in the SMA Snapshot published in March 2013.Learn More -
Risk Taxonomy (O-RT), Version 2.0
Superseded by C20BLearn MoreThis document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.
-
Risk Analysis (O-RA)
Superseded by C20ALearn MoreThis document is The Open Group Standard for Risk Analysis (O-RA), which provides a set of standards for various aspects of information security risk analysis. It is a companion document to the Risk Taxonomy (O-RT) Standard (C13K).
-
Dependency Modeling (O-DM)
The O-DM standard defines how to construct a data model to manage risk and build trust on organizational dependencies between enterprises, or between operational divisions in a large organization.Learn More -
Authorization Roles Managed On RBAC (O-ARMOR)
This Role-Based Access Control (RBAC) standard defines a set of authorizations consistent with the generally accepted tasks assigned to administrative users, granting them the privileges necessary to perform their administrative duties, within a common set of administrative roles to be predefined on UNIX® systems.Learn More -
Open Automated Compliance Expert Markup Language (O-ACEML)
This standard enables enterprises to automate security compliance for their systems in a consistent manner, thereby assuring compliance with applicable regulations, while also achieving major cost savings.Learn More -
Open Information Security Management Maturity Model (O-ISM3)
Superseded by C17BLearn MoreThe Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security.