IT Security Body of Knowledge

NIST SP 800-16

1. LAWS AND REGULATIONS

2. IT SECURITY PROGRAM

3. SYSTEM ENVIRONMENT

4. SYSTEM INTERCONNECTION

5. INFORMATION SHARING

6. SENSITIVITY

7. RISK MANAGEMENT

8. MANAGEMENT CONTROLS

9. ACQUISITION/DEVELOPMENT/’INSTALLATION/IMPLEMENTATION CONTROLS

10. OPERATIONAL CONTROLS

11. AWARENESS, TRAINING, AND EDUCATION CONTROLS

12. TECHNICAL CONTROLS