CYBERSECURITY COMPETENCY FRAMEWORK

NORMATIVE REFERENCES OF CYBERSECURITY PRACTICE

1. Laws, Regulation and Policies

a. R.A. 10844 – DICT National Cybersecurity Plan and NCERT

https://dict.gov.ph/wp-content/uploads/2016/10/DICT-IRR.pdf
https://dict.gov.ph/wp-content/uploads/2019/07/NCSP2022-rev01Jul2019.pdf
https://dict.gov.ph/wp-content/uploads/2020/03/Dept-Circular-No-003-3062020.pdf
https://www.ncert.gov.ph/cert-manual/dictcertmanual.pdf

b. R.A. 10175 – Cybercrime Prevention Act

https://www.officialgazette.gov.ph/2015/08/12/implementing-rules-and-regulations-of-republic-act-no-10175/

c. R.A. 10173 – Data Privacy Act

https://www.officialgazette.gov.ph/2016/08/25/implementing-rules-and-regulations-of-republic-act-no-10173/

d. Bangko Sentral ng Pilipinas Information Technology Risk Management

https://morb.bsp.gov.ph/148-information-technology-risk-management/
https://morb.bsp.gov.ph/appendix-75/

e. SEC Cyber Security Framework

https://www.sec.gov.ph/wp-content/uploads/2020/12/2020Notice_DraftMemoCircularCyberSecurity.pdf

f. DICT Cloud First Policy

https://i.gov.ph/policies/signed/department-circular-cloud-first-policy/
https://dict.gov.ph/wp-content/uploads/2020/06/Department_Circular_No_10_Amendments_to_DC_No_2017_002_re_Prescribing.pdf

2. International Standard Organization

a. ISO 27000 – Information Security Overview and Vocabulary

https://www.freestandardsdownload.com/iso-iec-27000-2018-pdf.html

b. ISO 29100 – Data Privacy Framework

https://www.freestandardsdownload.com/iso-iec-29100-2011.html

c. ISO 27001 – Information Security Management System – Requirements

https://www.freestandardsdownload.com/bs-en-iso-iec-27001-2017.html

d. ISO 27002 – Information Security Management System – Controls

https://www.freestandardsdownload.com/bs-en-iso-iec-27002-2017.html

e. ISO 27701 – Security and Privacy Management System – Controls

https://www.freestandardsdownload.com/iso-iec-27701-2019.html

f. ISO 29151 – Personal Information Privacy Controls

https://www.freestandardsdownload.com/iso-iec-29151-2017-pdf.html

g. ISO 27003 – Information Security Management System – Implementation

https://www.freestandardsdownload.com/iso-iec-27003-2017-pdf-download.html

h. ISO 29190 – Data Privacy Management Capability Model

http://kantarainitiative.org/confluence/download/attachments/49775225/Cut_2ndWD.doc

i. ISO 27005 – Information Security Risk Management

https://www.freestandardsdownload.com/iso-iec-27005-2018-pdf-download.html

j. ISO 29134 – Privacy Impact Assessment

https://www.freestandardsdownload.com/iso-iec-29134-2017-pdf.html

k. ISO 27033 – Network Security

https://www.iso27001security.com/html/27033.html

l. ISO 27040 – Storage Security

https://www.iso27001security.com/html/27040.html

m. ISO 27034 – Application Security

https://www.iso27001security.com/html/27034.html

n. ISO 27017 – Cloud Security

https://www.freestandardsdownload.com/iso-iec-27017-2015-pdf-free-download.html

o. ISO 27018 – Cloud Privacy

https://www.freestandardsdownload.com/iso-iec-27018-2014.html

p. ISO 27036 – Supplier Relationship Security

https://standards.iso.org/ittf/PubliclyAvailableStandards/c059648_ISO_IEC_27036-1_2014.zip

q. ISO 27032 – Cybersecurity Guidelines

https://www.iso27001security.com/html/27032.html

r. ISO 27035 – Security Incident Management

https://sites.google.com/a/ist033.org.uk/public/home/4/cg-ip/27035

s. ISO 22301 – Business Continuity Management

http://www.nobelcert.com/DataFiles/FreeUpload/ISO%2022301-2019.pdf

t. ISO 27031 – IT Business Continuity

https://www.freestandardsdownload.com/iso-iec-27031-2011-pdf-download.html

u. ISO 31000 – Risk Management

https://www.freestandardsdownload.com/bs-iso-31000-2018-pdf-download.html

v. ISO 22320 – Emergency Management – Incident Management

https://www.freestandardsdownload.com/bs-iso-22320-2018-pdf-download.html

3. Other Country Regulatory Guidance

a. NIST Cybersecurity Framework

https://www.nist.gov/cyberframework

b. ETSI Cybersecurity Control

https://www.etsi.org/newsroom/news/1342-2018-10-news-etsi-publishes-critical-security-controls-for-effective-cyber-defence-as-technical-reports

c. SCF – Secure Control Framework

https://www.securecontrolsframework.com/?fbclid=IwAR3UgjMpsIbjBBm24bQcSRBfZJkKi0A0UWC83rg9WN_Z7i8MgPLf8O9GQls

d. CSC – Cloud Security Alliance

https://cloudsecurityalliance.org/artifacts/cloud-controls-matrix-v3-0-1/

e. OWASP – Open Web Application Security Project

https://owasp.org/www-project-cyber-controls-matrix/

f. EU General Data Privacy Regulation

https://gdpr-info.eu/

g. PCI DSS Pay Card Industry Data Security Standard

https://www.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf?agreement=true&time=1534870826847

h. HIPAA – Health Personal Information

https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/combined-regulation-text/index.html

i. FIRST – Forum of Incident Response and Security Teams

https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1
4. Professional Body of Knowledge and Competency Certification

a. Cybersecurity Body of Knowledge

https://www.cybok.org/media/downloads/CyBOK-version-1.0.pdf

b. ISC2 CISSP

https://download.e-bookshelf.de/download/0012/5392/67/L-G-0012539267-0035586020.pdf

c. COMPTIA+ Cybersecurity Analyst

https://www.pdfdrive.com/comptia-cybersecurity-analyst-e49426045.html

d. ISACA CISA

https://www.pdfdrive.com/cisa-certified-information-systems-auditor-study-guide-e182911786.html

e. ISACA CISM

https://www.pdfdrive.com/cism-review-manual-2014-e184020432.html
