Security Standards

This document provides a set of standards for various aspects of information security risk analysis.

This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.

The Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security.

This O-SMA Standard expands on the SMA interoperability and other mobile architecture issues raised in the SMA Snapshot published in March 2013.

Superseded by C20B

This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.

Superseded by C20A

This document is The Open Group Standard for Risk Analysis (O-RA), which provides a set of standards for various aspects of information security risk analysis. It is a companion document to the Risk Taxonomy (O-RT) Standard (C13K).

The O-DM standard defines how to construct a data model to manage risk and build trust on organizational dependencies between enterprises, or between operational divisions in a large organization.

This Role-Based Access Control (RBAC) standard defines a set of authorizations consistent with the generally accepted tasks assigned to administrative users, granting them the privileges necessary to perform their administrative duties, within a common set of administrative roles to be predefined on UNIX® systems.

This standard enables enterprises to automate security compliance for their systems in a consistent manner, thereby assuring compliance with applicable regulations, while also achieving major cost savings.