Full Resource List for IT Professionals

  1. Information Security Officers
  2. Security Operations
  3. Risk Management
  4. Security Architecture
  • SP 800-165 (PDF): 2012 Computer Security Division Annual Report
  • SP 800-100 (PDF): Information Security Handbook: A Guide for Managers
  • SP 800-65: Revision 1 DRAFT Recommendations for Integrating Information Security into the Capital Planning and Investment Control Process (CPIC)
  • SP 800-65 (PDF): Integrating IT Security into the Capital Planning and Investment Control Process
  • SP 800-64 (PDF): Revision 2 Security Considerations in the System Development Life Cycle
  • SP 800-55 (PDF): Revision 1 Performance Measurement Guide for Information Security
  • SP 800-50 (PDF): Building an Information Technology Security Awareness and Training Program
  • SP 800-39 (PDF): Managing Information Security Risk: Organization, Mission, and Information System View
  • SP 800-33 (PDF): Underlying Technical Models for Information Technology Security
  • SP 800-16: Rev. 1 DRAFT Information Security Training Requirements: A Role- and Performance-Based Model
  • SP 800-16 (PDF): Information Technology Security Training Requirements: A Role- and Performance-Based Model
  • SP 800-14 (PDF): Generally Accepted Principles and Practices for Securing Information Technology Systems
  • SP 800-13 (PDF): Telecommunications Security Guidelines for Telecommunications Management Network
  • SP 800-12 (PDF): An Introduction to Computer Security: The NIST Handbook