External Regulations and Guidance

Control Frameworks:

Control Objectives for Information and Related Technologies (COBIT)

National Institute of Standards and Technology (NIST) Special Publication 800-53

Committee of Sponsoring Organizations of the Treadway Commission (COSO)

SANS Institute CIS Critical Security Controls

Regulations and Related Guidance:

Controlled Technical Information (CTI)

Controlled Unclassified Information (CUI)

Family Educational Rights and Privacy Act (FERPA)

Federal Information Security Management Act (FISMA)

Federal Information Processing Standards (FIPS) for Security Categorization

Gramm Leach Bliley Act (GLBA)

GSA Privacy Program

Health Information Portability and Accountability Act (HIPAA)

National Institute of Standards and Technology (NIST)

New York State Technology Law

Payment Card Industry (PCI) Standards

Privacy Act of 1974

Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards (Uniform Guidance)