Gold Standards in Security
NIST SP
NIST SP refers to NIST Special Publications, a series of documents published by the National Institute of Standards and Technology (NIST), a U.S. Department of Commerce agency. These publications provide authoritative, non-regulatory guidelines, standards, and best practices, primarily for information security, cybersecurity, risk management, and related IT governance topics.
https://www.nist.gov/cyberframework
https://www.nist.gov/itl/ai-risk-management-framework
https://csrc.nist.gov/projects/risk-management/about-rmf
https://csrc.nist.gov/pubs/sp/800/37/r2/final
https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final
ISO 27001
ISO 27001 is the internationally recognized standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). It provides a systematic approach to managing sensitive company information so that it remains secure, encompassing people, processes, and IT systems.