Download free IT Strategic Direction Audit Checklist. This strategic audit checklist used to review the technological infrastructure plan during IT strategic management. This checklist also review the policies, procedures

Download free Vulnerability Assessment Tools and Checklists. This simple checklist could be used to help every company perform their own assessment for the IT environment and infrastructure

Information Systems Under Attack: Managing Enterprise Risk in Today's World of Sophisticated Threats and Adversaries, NIST, Gaithersburg, MD, July 2, 2008
Ron Ross, National Institute of Standards and Technology

Industrial Control System Security and NIST SP 800-53 Overview, NIST, Gaithersburg, MD, July 2, 2008
Keith Stouffer and Stuart Katzke, National Institute of Standards and Technology

Specific Security Requirements for Industrial Automation and Control Systems: Integrating ISA-99, NIST SP 800-53, and IEC TC65 WG10 (IEC 62443), (16.5 MB)
ISA EXPO 2007, Houston, TX, October 3, 2007.

Download free NIST Special Publication 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security (Second Draft); September 2007.

The final public draft of SP 800-82 is available for public comment. It provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. SP 800-82 provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities

Download free Security Development Lifecycle (SDL) Risk Assessment from Microsoft. This complete checklist for Secure Development Risk Assessment used by software developer, system architect or security auditor to help them assessing the risk level of a IT development project.