Security Standards

The Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security.

This O-SMA Standard expands on the SMA interoperability and other mobile architecture issues raised in the SMA Snapshot published in March 2013.

This document provides a standard definition and taxonomy for information security risk, as well as information regarding how to use the taxonomy.

This document is The Open Group Standard for Risk Analysis (O-RA), which provides a set of standards for various aspects of information security risk analysis. It is a companion document to the Risk Taxonomy (O-RT) Standard (C13K).

The O-DM standard defines how to construct a data model to manage risk and build trust on organizational dependencies between enterprises, or between operational divisions in a large organization.

This Role-Based Access Control (RBAC) standard defines a set of authorizations consistent with the generally accepted tasks assigned to administrative users, granting them the privileges necessary to perform their administrative duties, within a common set of administrative roles to be predefined on UNIX® systems.

This standard enables enterprises to automate security compliance for their systems in a consistent manner, thereby assuring compliance with applicable regulations, while also achieving major cost savings.

Superseded by C17B

The Open Information Security Management Maturity Model (O-ISM3) is The Open Group framework for managing information security.

This document is based on the Defense Information Systems Agency (DISA), Common Operating Environment (COE) Platform Compliance Criteria, Security Software Requirements Specification (SSRS).