Controls that support business management and governance as well as provide general and technical controls over information technology infrastructures such as applications, information, infrastructure, and people.

Source: The International Standards for the Professional Practice of Internal Auditing (Standards), Issued October 2008, Revised October 2012, and December 2016 . © 2017 The Institute of Internal Auditors, Inc.

• COBIT 5
  
• ITIL Framework
  
• National Institute of Standards and Technology (NIST)
  
• Payment Card Industry (PCI DSS) Document Library
  
• Federal Information Security Management Act (FISMA)
  
• International Organization for Standardization (ISO 27000) InformationTechnology, Information Security Management Systems Guidance
  

Links on these pages to non-University sites do not represent endorsement by the University of Oklahoma or its affiliates