Information Security Domains

Draft

Classification Objective

The initial objective of this classification is to consolidate known information security domains from the literature to facilitate the production of specialized classifications for particular purposes.

Classification

Item

Sources

Alternative Forms

Definition

Item

Sources

Alternative Forms

Definition

Assurance

Uddin and Preston, 2015

 

 

Audit and Accountability (AA)

Le and Hoang, 2017 Uddin and Preston, 2015

Auditing

 

Cloud connection and communication security (CCC)

Le and Hoang, 2017

 

 

Cloud Security

Uddin and Preston, 2015

 

 

Compliance / Policy

Uddin and Preston, 2015

Compliance

 

Data and Information protection (DIP)

Le and Hoang, 2017, Uddin and Preston, 2015

Data Security

 

Governance, Risk, and Compliance management (GRC)

Le and Hoang, 2017

 

 

Human resource management (HM)

Le and Hoang, 2017

 

 

Identities and Access Management (IAM)

Le and Hoang, 2017, Uddin and Preston, 2015

 

 

IAM Provisioning

Uddin and Preston, 2015

 

 

Incident response (IR)

Le and Hoang, 2017

 

 

Infrastructure and facilities security (IF)

Le and Hoang, 2017

 

 

Interoperability and portability (IP)

Le and Hoang, 2017

 

 

Cloud application security (APP)

Le and Hoang, 2017

 

 

Policy and Standards

Uddin and Preston, 2015

 

 

Security awareness and training (AT)

Le and Hoang, 2017, Uddin and Preston, 2015

 

 

Virtualization and isolation (VI)

Le and Hoang, 2017

 

 

 

 


Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.


This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.