While moving through all of the compliance data within the glossary, one of the things we've tried to provide is a current listing of all of the major organizations that we've referenced as an integral part of researching the Unified Compliance Framework. Here is a listing of those organizations we've come across. If we've missed anything, please note what we've missed in the comments field and we'll research the organization and update the database.
American Institute of Certified Public Accountants (AICPA)
Committed to member service and the public interest, the American Institute of Certified Public Accountants and its predecessors have been serving the accounting profession since 1887. See also http://www.aicpa.org/index.htm for more information.
GAO/PCIE Financial Audit Manual
American National Standards Institute (ANSI)
The American National Standards Institute (ANSI) coordinates the development and use of voluntary consensus standards in the United States and represents the needs and views of US stakeholders in standardization forums around the globe. The Institute oversees the creation, promulgation and use of thousands of norms and guidelines that directly impact businesses in nearly every sector: from acoustical devices to construction equipment, from dairy and livestock production to energy distribution, and many more. ANSI is also actively engaged in accrediting programs that assess conformance to standards - including globally-recognized cross-sector programs such as the ISO 9000 (quality) and ISO 14000 (environmental) management systems. See also http://www.ansi.org for more information.
de facto
British Standards Institution
The UK national standards body, responsible for creating and maintaining British standards. See also ISO, and http://www.bsi-global.com for more information.
ITIL
Bundesamt fĂĽr Sicherheit in der Informationstechnik
The central IT security service provider for the German government. The BSI's services and products are aimed at the users and manufacturers of information technology products. Those are primarily the public administration at federal, state and municipal level, in addition companies and private users. As Germany's National Security Agency, it is their goal to promote IT security in Germany so that everyone can make the most of the opportunities opened up by the information society. See also http://www.bsi.de for more information.
de facto
Business Continuity Institute (BCI)
The Business Continuity Institute (BCI) was established in 1994 to enable members to obtain guidance and support from fellow business continuity practitioners. The role of the BCI is to promote the highest standards of professional competence and commercial ethics in the provision and maintenance of business continuity planning and services. See also http://www.thebci.org for more information.
de facto
Business Roundtable (BR)
Business Roundtable is an association of chief executive officers of leading US companies with over $4.5 trillion in annual revenues and more than 10 million employees. Member companies comprise nearly a third of the total value of the US stock market and represent nearly a third of all corporate income taxes paid to the federal government. See also http://www.businessroundtable.org for more information.
de facto
Business Software Alliance (BSA)
BSA is the foremost organization dedicated to promoting a globally robust, competitive and innovative computer industry. BSA policy issues include strengthening intellectual property protections, patent reform, fostering trust in the Internet and e-commerce, and assuring open international marketplaces through pro-growth business policies. See also http://www.bsa.org/ for more information.
de facto
Canadian Institute of Chartered Accountants (CICA)
The CICA, together with the CA institutes/ordre, represents approximately 70,000 CAs and 8,500 students in Canada and Bermuda. The CICA conducts research into current business issues and supports the setting of accounting, auditing and assurance standards for business, not-for-profit organizations and government. It issues guidance on control and governance, publishes professional literature, develops continuing education programs and represents the CA profession nationally and internationally. See also http://www.cica.ca for more information.
de facto
Carnegie Mellon University (CMU)
Some of the Software Engineering Institute (SEI). See also http://www.cmu.edu for more information.
de facto
Center for Internet Security (CIS)
The Center for Internet Security (CIS) is a non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. Click Here to learn more about CIS's mission. See also http://www.cisecurity.org for more information.
de facto
Centers for Medicare & Medicaid Services (CMS)
US federal agency which administers Medicare, Medicaid, and the State Children's Health Insurance. See also http://www.cms.hhs.gov for more information.
Centers for Medicare & Medicaid Services (CMS)
CERT Coordination Center (CERT/CC)
The CERT Coordination Center (CERT/CC) is a center of Internet security expertise. It is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. The CERT/CC studies Internet security vulnerabilities, handles computer security incidents, publishes a variety of security alerts, does research for long-term changes in networked systems, and develops information and training to help improve security. See also http://www.cert.org for more information.
de facto
Committee for National Security Systems (CNSS)
Under Executive Order (E.O.) 13231 of October 16, 2001, Critical Infrastructure Protection in the Information Age, the President redesignated the National Security Telecommunications and Information Systems Security Committee (NSTISSC) as the Committee on National Security Systems (CNSS). The Department of Defense continues to chair the Committee under the authorities established by NSD-42. This was reaffirmed by Executive Order 13284, dated January 23, 2003, Executive Order Amendment of Executive Orders and Other Actions, in Connection with the Transfer of Certain Functions to the Secretary of Homeland Security. The CNSS provides a forum for the discussion of policy issues, sets national policy, and promulgates direction, operational procedures, and guidance for the security of national security systems. See also http://www.cnss.gov for more information.
FIPS Pub 200
Committee of Sponsoring Organizations for the Commission on Fraudulent Financial Reporting [Treadway Commission] (COSO)
COSO was originally formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, an independent private sector initiative which studied the causal factors that can lead to fraudulent financial reporting and developed recommendations for public companies and their independent auditors, for the SEC and other regulators, and for educational institutions. The National Commission was jointly sponsored by five major professional associations in the United States, the American Accounting Association, the American Institute of Certified Public Accountants, Financial Executives International, The Institute of Internal Auditors, and the National Association of Accountants (now the Institute of Management Accountants). The Commission was wholly independent of each of the sponsoring organizations, and contained representatives from industry, public accounting, investment firms, and the New York Stock Exchange. See also http://www.coso.org/ for more information.
CobiT, GAO/PCIE Financial Audit Manual
Computer Security Institute (CSI)
The Computer Security Institute (CSI) reports that it is the world's leading membership organization specifically dedicated to serving and training the information, computer, and network security professional. Since 1974, CSI has been providing education and aggressively advocating the critical importance of protecting information assets. This has nothing to do with the over-rated television shows. See also http://www.gocsi.com for more information.
de facto
Critical Infrastructure Assurance Office (CIAO)
CIAO focuses on developing a national plan for protecting the government's critical infrastructure, as well as education initiatives regarding that infrastructure. CIAO's responsibilities for developing and coordinating national critical infrastructure policy focus on three key areas: 1) promoting national outreach and awareness campaigns both in the private sector and at the state and local government level; 2) assisting Federal agencies to analyze their own risk exposure and critical infrastructure dependencies; and 3) coordinating the preparation of an integrated national strategy for critical infrastructure assurance. See also http://www.bis.doc.gov for more information.
de facto
Defense Information Systems Agency (DISA)
The Defense Information Systems Agency is a combat support agency responsible for planning, engineering, acquiring, fielding, and supporting global net-centric solutions to serve the needs of the President, Vice President, the Secretary of Defense, and other DoD Components, under all conditions of peace and war. The designated core missions of DISA are communications, joint command and control, defensive information operations, combat support computing, and joint interoperability support. See also http://www.disa.mil for more information.
de facto
Department of Homeland Security
The United States Department of Homeland Security (DHS), commonly known as Homeland Security, is a Cabinet department of the Federal Government of the United States with the responsibility of protecting the territory of the United States from terrorist attack and responding to natural disasters. The department was created from 22 existing federal agencies in response to the terrorist attacks of September 11, 2001. See also http://www.dhs.gov for more information.
de facto
European Foundation for Quality Management (EFQM)
The EFQM excellence model was introduced at the beginning of 1992 as the framework for assessing organizations for the European quality award. It is now the most widely used organizational framework in Europe and it has become the basis for the majority of national and regional quality awards. See also http://www.efqm.org/ for more information.
ITIL
Examination Institute for Information Science (EXIN)
The Examination Institute for Information Science, is accredited by the ICMB as an examination board. See also http://www.exin-exams.com/ for more information.
ITIL
Federal Accounting Standards Advisory Board (FASAB)
The mission of the FASAB is to promulgate federal accounting standards after considering the financial and budgetary information needs of citizens, congressional oversight groups, executive agencies, and the needs of other users of federal financial information. Accounting and financial reporting standards are essential for public accountability and for an efficient and effective functioning of our democratic system of government. Federal accounting standards and financial reporting play a major role in fulfilling the government's duty to be publicly accountable and can be used to assess 1) the government's accountability and its efficiency and effectiveness, and 2) the economic, political, and social consequences of the allocation and various uses of federal resources. See also http://www.fasab.gov for more information.
GAO/PCIE Financial Audit Manual
Federal Computer Incident Response Center (FedCIRC)
Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. See also http://www.us-cert.gov for more information.
NIST 800 series, Workgroup for Electronic Data Interchange
Federal Financial Institutions Examination Council (FFIEC)
The Council is a formal interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Office of Thrift Supervision (OTS) and to make recommendations to promote uniformity in the supervision of financial institutions. See also http://www.ffiec.gov for more information.
de facto
Federal Trade Commission (FTC)
N 1938, Congress passed the Wheeler-Lea Amendment, which included a broad prohibition against "unfair and deceptive acts or practices." Since then, the Commission also has been directed to administer a wide variety of other consumer protection laws, including the Telemarketing Sales Rule, the Pay-Per-Call Rule and the Equal Credit Opportunity Act. In 1975, Congress passed the Magnuson-Moss Act, which gave the FTC the authority to adopt trade regulation rules that define unfair or deceptive acts in particular industries. Trade regulation rules have the force of law. As you read through this booklet, you will learn about other laws that enable the FTC to help consumers. The FTC's work is performed by the Bureaus of Consumer Protection, Competition and Economics. That work is aided by the Office of General Counsel and seven regional offices. See also http://www.ftc.gov for more information.
de facto
Financial Services Roundtable (FSR)
Mission Statement
The mission of The Financial Services Roundtable is to unify the leadership of large integrated financial services companies in pursuit of three primary objectives: 1) To be the premier forum in which leaders of the United States financial services industry determine and influence the most critical public policy issues that shape a vibrant, competitive marketplace and a growing national economy; 2) To promote the interests of member companies in federal legislative, regulatory, and judicial forums; and 3) To effectively communicate the benefits of competitive and integrated financial services to the American public. See also http://www.fsround.org for more information.
de facto
Generally Accepted Internet Security Principles Committee
Originally carried by the International Information Security Foundation (IISF), the GAISP has drawn from a wide array of existing guidelines, such as those created by the Organization for Economic Cooperation and Development (OECD) and the United Kingdom Department of Trade and Industry. As a global initiative, participation and support have been gained from respected groups like the International Information Systems Security Certification Consortium (ISC2), the International Standards Organization (ISO), the Institute of Internal Auditors (IIA) and the international Common Criteria effort. See also http://www.issa.org/gaisp for more information.
de facto
Government Accountability Office (GAO)
Effective July 7, 2004, the GAO's legal name became the Government Accountability Office. The change, which better reflects the modern professional services organization GAO has become, is the most visible provision of the GAO Human Capital Reform Act of 2004, Pub. L. 108-271, 118 Stat. 811 (2004). See also http://www.gao.gov for more information.
GAO/PCIE Financial Audit Manual
Information Assurance and Infrastructure Protection Directorate of the DHS (IAIP)
An organization within the Department of Homeland Security. IAD's mission involves detecting, reporting, and responding to cyber threats; making encryption codes to securely pass information between systems; and embedding IA measures directly into the emerging Global Information Grid. It includes building secure audio and video communications equipment, making tamper protection products, and providing trusted microelectronics solutions. It entails testing the security of customers' systems, providing OPSEC assistance, and evaluating commercial software and hardware against nationally set standards, to better meet our nation's IA needs. See also http://www.nsa.gov/ia/ for more information.
de facto
Information Security Forum (ISF)
The Information Security Forum (ISF) is the world's leading independent authority on information security. By harnessing our world-renowned expertise and the collective knowledge and experience of our members - including 50% of Fortune 100 companies - the ISF delivers practical guidance and solutions to overcome wide-ranging security challenges impacting business information today. See also http://www.securityforum.org for more information.
de facto
Information Systems Audit and Control Association (ISACA)
The Information Systems Audit and Control Association (ISACA) is a worldwide organization which provides up-to-date information for professionals in the converging disciplines of auditing, data processing, accounting, data security, and quality assurance. See also http://www.isaca.org for more information.
de facto
Information Systems Examination Board (ISEB)
The British computer society information systems examination board is accredited by the ICMB as an examination board. See also http://www.bcs.org/bcs/products/qualifications/iseb for more information.
ITIL
Information Systems Security Association (ISSA)
ISSA is a not-for-profit international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. See also http://www.issa.org for more information.
de facto
Institute of Chartered Accountants in England & Wales (ICAEW)
The Institute of Chartered Accountants in England & Wales is the largest professional accountancy body in Europe with over 128,000 members.
The Institute was established by Royal Charter in 1880. It is now a key influencer on the international stage and the leading UK body of finance professionals offering world class qualifications. See also http://www.icaew.co.uk for more information.
de facto
Institute of Electrical and Electronics Engineers (IEEE)
Pronounced I-triple-E, IEEE is an organization composed of engineers, scientists, and students. The IEEE is best known for developing standards for the computer and electronics industry. See also http://www.ieee.org/portal/site for more information.
ISACA
Institute of Internal Auditors (IIA)
Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association of more than 117,000 members with global headquarters in Altamonte Springs, Fla., United States. Throughout the world, the IIA is recognized as the internal audit profession's leader in certification, education, research, and technological guidance. See also http://www.theiia.org for more information.
de facto
Institute of IT Service Managers
An independently governed professional body, specifically aimed at professionals in IT service management which "aims to promote and support the standing of its members by establishing high-standards of professional and ethical conduct, ensuring continuing professional development of its members in order to demonstrate their competence and commitment." See also http://www.iosm.com/ for more information.
ITIL
International Chamber of Commerce (ICC)
CC (International Chamber of Commerce) is the voice of world business championing the global economy as a force for economic growth, job creation and prosperity. ICC activities cover a broad spectrum, from arbitration and dispute resolution to making the case for open trade and the market economy system, business self-regulation, fighting corruption or combating commercial crime. See also http://www.iccwbo.org for more information.
de facto
International Federation of Accountants (IFAC)
IFAC is the global organization for the accountancy profession. It works with its 163 member organizations in 120 countries to protect the public interest by encouraging high quality practices by the world's accountants. IFAC members represent 2.5 million accountants employed in public practice, industry and commerce, government, and academe. Its structure and governance provide for the representation of its diverse constituencies and interaction with external groups that rely on or influence the work of accountants. See also http://www.ifac.org for more information.
de facto
International Information System Security Certification Consortium (ISC2)
The International Information Systems Security Certification Consortium, or ISC2, is internationally recognized for educating and certifying information security professionals throughout their careers. Their certification programs range from CISSPs through ISSAPs, ISSMP, and others. For more information see https://www.isc2.org.
Generally Accepted Information Security Principles, de facto
International Organization for Standardization (ISO)
The International Organization for Standardization (ISO) is the world's largest developer of standards. ISO is a non-governmental organization which is a network of the national standards institutes of 156 countries. Further information about ISO is available from http://www.ISO.org/.
ITIL, CobiT, AICPA, Centers for Medicare & Medicaid Services (CMS)
Internet Engineering Task Force (IETF)
The Internet standards setting organization with international affiliates from network industry representatives. This includes all network industry developers and researchers concerned with evolution and planned growth of the Internet. See also http://www.ietf.org for more information.
ISACA
Internet Security Alliance (ISA)
The Internet Security Alliance was created to provide a forum for information sharing and leadership on information security issues. It represents industry's interests to legislators and regulators and aims to identify and standardize best practices in Internet security and network survivability while creating a collaborative environment to develop and implement information security solutions. The alliance is a collaborative effort between Carnegie Mellon's Software Engineering Institute (SEI), its CERT Coordination Center (CERT/CC), and the Electronic Industries Alliance (EIA), a federation of trade associations. See also http://www.sei.cmu.edu for more information.
de facto
IT Compliance Institute (ITCI)
The IT Compliance Institute (ITCi) strives to be a global authority on the role of technology in business governance and regulatory compliance. Through comprehensive education, research, and analysis related to emerging government statutes and affected business and technology practices, they help organizations overcome the challenges posed by today's regulatory environment and find new ways to turn compliance efforts into capital opportunities. See also http://www.itcinstitute.com for more information.
de facto
IT Service Management Forum (ITSMF)
The IT service management forum is an independent organization dedicated to promoting a professional approach to IT service management. The ITSMF is a not-for-profit membership organization with representation in many countries around the world (ITSMF chapters). The ITSMF and its membership contribute to the development of ITIL and associated IT service management standards. See also http://www.itsmf.com/ for more information.
ITIL
ITIL Certification Management Board (ICMB)
The body responsible for the maintenance and ongoing development of the ITIL qualification scheme. See also http://www.ITIL.co.uk/ICMB.htm for further information.
ITIL
MIS Training Institute (MISTI)
Founded in 1978, the MIS Training Institute reports that it is the international leader in audit and information security training, with offices in the USA, UK, and Asia. The MIS's security and consulting division, the Information Security Institute (ISI), focuses exclusively on providing high-quality information security conferences, seminars, and consulting services. System Security Ltd., a UK division of MIS, provides hands-on audit and security training. For more information, see http://www.misti.com.
de facto
National Association of Corporate Directors (NACS)
Founded in 1977, the National Association of Corporate Directors is the only non-profit membership organization dedicated exclusively to serving the corporate governance needs of directors and boards. NACD's mission is to achieve improved corporate governance through better board practice. By offering education, information, conducting independent research, and disseminating leading practices, NACD provides resources for increasing director and board effectiveness. See also http://www.nacdonline.org for more information.
de facto
National Cyber Security Alliance (NCSA)
A non-profit organization, the National Cyber Security Alliance (NCSA) is the go-to resource for cyber security awareness and education for home user, small business, and education audiences. A public-private partnership, NCSA sponsors include the Department of Homeland Security, Federal Trade Commission, and many private-sector corporations and organizations. NCSA provides tools and resources to empower home users, small businesses, and schools, colleges, and universities to stay safe online. See also http://www.staysafeonline.info for more information.
de facto
National Cybercrime Training Partnership (NCTP)
The stated vision of the National Cybercrime Training Partnership (NCTP) is to develop a 21st century paradigm for law enforcement training in electronic and high-technology crime. This newly designed training paradigm must feature multilevel, multitiered, decentralized, and continuous training. See also http://www.nctp.org for more information.
de facto
National Infrastructure Protection Center (NIPC)
The NIPC served as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The NIPC provided timely warnings of international threats, comprehensive analysis and law enforcement investigation and response. Recently, the former National Infrastructure Protection Center (NIPC) was fully integrated into the Information Analysis and Infrastructure Protection Directorate of the Department of Homeland Security (DHS). As such, the responsibilities of fulfilling the mission of physical and cyber critical infrastructure assessment and protection of the former NIPC are now being addressed by two new divisions. See also DHS.
NIST 800 series
National Institute of Standards and Technology (NIST)
From automated teller machines and atomic clocks to mammograms and semiconductors, innumerable products and services rely in some way on technology, measurement, and standards provided by the National Institute of Standards and Technology. Founded in 1901, NIST is a non-regulatory federal agency within the U.S. Commerce Department's Technology Administration. NIST's mission is to promote US innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. See also http://www.nist.gov for more information.
NIST 800 series
National Security Agency (NSA)
The National Security Agency/Central Security Service is America's cryptologic organization. It coordinates, directs, and performs highly specialized activities to protect US government information systems and produce foreign signals intelligence information. A high technology organization, NSA is on the frontiers of communications and data processing. It is also one of the most important centers of foreign language analysis and research within the government. See also http://www.nsa.gov for more information.
de facto
North American Electric Reliability Council (NERC)
NERC's mission is to ensure that the bulk electric system in North America is reliable, adequate and secure. Since its formation in 1968, NERC has operated successfully as a self-regulatory organization, relying on reciprocity and the mutual self-interest of all those involved. See also http://www.nerc.com for more information.
de facto
Object Management Group (OMG)
A consortium with more than 700 affiliates from the software industry. Its purpose is to provide a common framework for developing applications using object-oriented programming techniques. For example, OMG is known principally for promulgating the CORBA specification. See also http://www.omg.org for more information.
ISACA
Office of General Counsel
Within the Government Accounting Office, the Office of General Counsel provides assistance to the auditor in 1) identifying provisions of laws and regulations to test, 2) identifying budget restrictions, and 3) identifying and resolving legal issues encountered in the financial statement audit, such as evaluating potential instances of noncompliance. See also http://www.ogc.doc.gov for more information.
GAO/PCIE Financial Audit Manual
Office of Government Commerce
ITIL defines OGC as the Office of Government Commerce. OGC own the copyright to the ITIL publications. They are a UK government department that works with public sector organizations to help them improve their efficiency, gain better value for money from their commercial activities, and deliver improved success from programs and projects. See also http://www.ogc.gov.uk for more information.
ITIL
Office of Management and Budget (OMB)
OMB assists the President of the United States in the development and execution of his policies and programs. OMB has a hand in the development and resolution of all budget, policy, legislative, regulatory, procurement, e-gov, and management issues on behalf of the President. OMB is composed of divisions organized either by Agency and program area or by functional responsibilities. However, the work of OMB often requires a broad exposure to issues and programs outside of the direct area of assigned responsibility. See also http://www.whitehouse.gov/omb for more information.
GAO/PCIE Financial Audit Manual
Office of Personnel Management (OPM)
The United States' human resources agency. See also http://www.opm.gov for more information.
Network Frontiers
Office of Public Sector Information (OPSI)
OPSI are the publishers of the ITIL publications. They are a UK government department who provide online access to UK legislation, license the reuse of crown copyright material, manage the information fair trader scheme, maintain the government's information asset register, and provide advice and guidance on official publishing and crown copyright. See also http://www.opsi.gov.uk for more information.
ITIL
Organization for Economic Cooperation and Development (OECD)
The OECD groups 30 member countries sharing a commitment to democratic government and the market economy. With active relationships with some 70 other countries, NGOs and civil society, it has a global reach. Best known for its publications and its statistics, its work covers economic and social issues from macroeconomics, to trade, education, development and science and innovation. The OECD plays a prominent role in fostering good governance in the public service and in corporate activity. The OECD produces internationally agreed instruments, decisions and recommendations to promote rules of the game in areas where multilateral agreement is necessary for individual countries to make progress in a globalized economy. See also http://www.oecd.org for more information.
de facto
President's Council on Integrity and Efficiency (PCIE)
The President's Council on Integrity and Efficiency (PCIE) and the Executive Council on Integrity and Efficiency (ECIE) were established by Executive Order 12805, May 11, 1992, to: 1) address integrity, economy, and effectiveness issues that transcend individual Government agencies, and 2) increase the professionalism and effectiveness of IG personnel throughout the Government. See also http://www.ignet.gov/pcieecie1.html for more information.
GAO/PCIE Financial Audit Manual
Project Management Institute (PMI)
The Project Management Institute is focused on the needs of project management professionals worldwide with more than 200,000 professionals in 125 countries. See also http://www.pmi.org for more information.
CobiT
Public Company Accounting Oversight Board (PCAOB)
The PCAOB is a private-sector, non-profit corporation, created by the Sarbanes-Oxley Act of 2002, to oversee the auditors of public companies in order to protect the interests of investors and further the public interest in the preparation of informative, fair, and independent audit reports. See also http://www.pcaobus.org for more information.
de facto
Securities & Exchange Commission (SEC)
The mission of the US Securities and Exchange Commission is to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation. See also http://www.sec.gov for more information.
de facto
Society for the Worldwide Interbank Financial Telecommunication (SWIFT)
Founded in Brussels in 1973, the Society for the Worldwide Interbank Financial Telecommunication (SWIFT) is a co-operative organization dedicated to the promotion and development of standardized global interactivity for financial transactions. SWIFT's original mandate was to establish a global communications link for data processing and a common language for international financial transactions. The Society operates a messaging service for financial messages, such as letters of credit, payments, and securities transactions, between member banks worldwide. SWIFT's essential function is to deliver these messages quickly and securely--both of which are prime considerations for financial matters. Member organizations create formatted messages that are then forwarded to SWIFT for delivery to the recipient member organization. SWIFT operates out of its Brussels headquarters and processes data at centers in Belgium and the United States. See also http://www.swift.com for more information.
ISACA
Software Engineering Institute (SEI)
Since 1984, the Carnegie Mellon Software Engineering Institute (SEI) has served the nation as a federally funded research and development center. The SEI staff has advanced software engineering principles and practices and has served as a national resource in software engineering, computer security, and process improvement. As part of Carnegie Mellon University, which is well known for its highly rated programs in computer science and engineering, the SEI operates at the leading edge of technical innovation. See also http://www.sei.cmu.edu for more information.
CobiT
Software Process Improvement and Capability dEtermination (SPICE)
An independent, international quality management system for software development. See also Capability Maturity Model Integration, and http://www.sqi.gu.edu.au/spice/ for more information.
ITIL
System Administration, Networking, and Security Institute (SANS)
The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 96,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions to the challenges they face. SANS was founded in 1989. See http://www.sans.org for more information.
de facto
The Technology Group for The Financial Services Roundtable (BITS)
BITS is a nonprofit, CEO-driven financial service industry consortium made up of 100 of the largest financial institutions in the US. BITS works to leverage the intellectual capital of its members, fostering collaboration to address emerging issues where financial services, technology, and commerce intersect. See also http://www.bitsinfo.org/ for more information.
de facto
World Wide Web Consortium (W3C)
An international consortium founded in 1994 of affiliates from public and private organizations involved with the Internet and the web. The W3C's primary mission is to promulgate open standards to further enhance the economic growth of Internet web services globally. See also http://www.w3.org for more information.
ISACA