Information Security:
Advisory Organizations
- Bank for International Settlements' Basel Committee on Banking Supervision
[www.bis.org/publ/bcbs76.htm] —
Covers the cross-border supervisory issues and challenges related to electronic banking
activities. It identifies the need for international cooperation among banking
supervisors to address these issues. It also identifies four action items to
promote international cooperation and exchange of information between banking supervisors.
- Risk Management Principles for Electronic Banking
[www.bis.org/publ/bcbs82.pdf] —
Fourteen recommended risk management principles for electronic banking to help
banking institutions expand their existing risk oversight policies and processes
to cover their electronic banking activities.
- General Accounting Office (GAO)
[www.gao.gov] — Publishes numerous documents
related to information security, such as the following:
- Information Security: Code Red, Code Red II, and SirCam Attacks
Highlight Need for Proactive Measures. GAO-01-1073T, August 29, 2001
[www.gao.gov/new.items/d011073t.pdf]
- Critical Infrastructure Protection: 'ILOVEYOU' Computer Virus
Highlights Need for Improved Alert and Coordination Capabilities.
T-AIMD-00-181, May 18, 2000
[www.gao.gov/archive/2000/ai00181t.pdf]
- Critical Infrastructure Protection: National Plan for Information Systems
Protection. AIMD-00-90R, February 11, 2000
[archive.gao.gov/f0302/163238.pdf]
- InfraGard
[www.infragard.net] —
An information sharing and analysis effort serving the interests and combining the knowledge
base of its 5,000 members. InfraGard is a cooperative undertaking between the U.S. government
(led by the FBI and the NIPC) and an association of businesses, academic institutions,
state and local law enforcement agencies, and other participants dedicated to increasing
the security of U.S. critical infrastructures. The goal of InfraGard is to
enable the flow of information so that the owners and operators of infrastructure assets
(which are 80 to 90% privately owned) can better protect themselves and so that the U.S.
government can better discharge its law enforcement and national security responsibilities.
- Partnership for Critical Infrastructure Security (PCIS)
[www.pcis.org/] —
A forum for cross-sector and public-private dialog on reducing vulnerabilities, mitigating
risks, identifying strategic objectives, and sharing good information security practices.
The PCIS is open to all interested businesses as well as public sector participants.
It helps its participants to network with information security leaders from other industries and
government agencies and to learn about the latest developments on security issues that
affect both the public and private sectors. The PCIS is a non-profit organization
run by companies and private sector associations representing each of the critical infrastructure
industries. The CIAO provides support for the PCIS and government officials are
invited to participate in Partnership meetings on a collaborative basis.
Copyright © 2002 - 2007 by Daniel W. Hancock. All Rights Reserved.
Home Page