Find an alphabetical listing of standards development bodies and standards-related terminologies including acronyms and abbreviations. Visit other standard-related sites below for more information.
Acronym Directory (PDF, 208 KB) Alphabetized by acronym, this directory will help you identify the full name of ANSI accredited standards developers referenced in this site.
Alliance for Telecommunications Industry Solutions (ATIS) The ATIS is a U.S.-based organization that promotes and develops technical and operations standards for the communications and related information technologies industry worldwide. Some of the current activities include developing interoperability and interconnections standards between IPTV systems and services, and Next-Gen network standardization effort.
American Association for Artificial Intelligence The American Association for Artificial Intelligence (AAAI) is a non-profit scientific society devoted to advancing the scientific understanding of the mechanisms underlying thought and intelligent behavior and their embodiment in machines. AAAI also aims to increase public understanding of artificial intelligence.
American National Standards Institute (ANSI) Promotes the use of U.S. standards internationally, advocates U.S. policy and technical positions in international and regional standards organizations, and encourages the adoption of international standards as national standards where these meet the needs of the user community. ANSI accredits Standards Developing Organizations (SDOs) domiciled in the United States. One can also find information and training on the standards development process.
American Society of Industrial Security (ASIS) The largest international educational organization for security professionals, with over 30,000 members worldwide. ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that focus on both the fundamentals and the most recent advancements in security management.
American Society for Civil Engineers (ASCE) The Codes and Standards Program of ASCE develops consensus standards on a variety of topics for the civil engineering profession.
American Society of Mechanical Engineers (ASME) ASME produces and maintains approximately 600 codes and standards, covering a multitude of technical areas including boiler components, elevators, hand tools, fasteners, and machine tools.
American Society for Testing and Materials (ASTM) ASTM International is a voluntary standards development organization for technical standards for materials, products, systems, and services. ASTM International standards have an important role in the information infrastructure that guides design, manufacturing and trade in the global economy.
British Computer Society (BCS) The chartered body for IT professionals. The Society is concerned with the development of computing and its effective application. Under its Royal Charter granted in 1984, it also has responsibilities for education and training, for public awareness, and above all for standards, quality and professionalism.British Standards Institute (BSI) BSI ensures the views of British industry are represented in international standards bodies. BSI’s BS7799 (part 1) is the model for the ISO 17799 IT security standard.
Canadian Standards Association (CSA) The CSA develops standards in Canada focusing on areas such as electrical/electronics, public safety and health and environmental protection.
CanCERT (Canada) CanCERT is Canada’s first national Computer Emergency Response Team. CanCERT is committed to client confidentiality and the improvement of IT security.
Communications Security Establishment (CSE) – Canada The Communications Security Establishment (CSE) is a federal government lead agency that delivers Information Technology Security (ITS) solutions to the government of Canada. It features the Common Criteria Evaluation and Certification Scheme (CCS), which is a Canadian independent third party evaluation and certification service for measuring the trustworthiness of IT security products.
Communications Security Establishments (CSE) A Canadian organization dealing with Information Technology Security (ITS) (Government of Canada public key infrastructures, Annual Canadian ITS symposium, Awareness and education, Government of Canada ITS Strategy).
Computer Ethics Institute CEI is a nonprofit research, education and policy study organization formed to address ethical issues emerging from the rapid development of a society dominated by information and dramatically affected by technologies.
COSO Enterprise Risk Management Integrated Framework The Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management Integrated Framework describes the essential components, principles, and concepts of enterprise risk management (ERM). The principles-based framework enables organizations to identify all aspects that should be present in their ERM program and describes how they should be implemented.
European Telecommunications Standards Institute (ETSI) A private sector standards development organization accredited by the European Union to write Pan-European standards for Telecommunications.
ETSI – Telecom Standards A non-profit making organization whose mission is to produce the telecommunications standards that will be used for decades to come throughout Europe and beyond.
European Union (EU) Dependability Development Support Initiative Information about the Dependability Development Support Initiative (DDSI), an 18-month European Union project that developed critical infrastructure protection assessment plans for the EU member nations, in conjunction with the United States, Japan, and other European nations. The DDSI site provides information and papers on project findings and recommendations, including establishing networks of interest, providing security baseline data, and devising policy roadmaps. DDSI held its final conference in Brussels in Oct. 2002.
European Commission (EC) Seeking to identify a common standard for all Europe for IT security.
European Computer Manufacturers Association (ECMA) An international, Europe-based industry association founded in 1961 and dedicated to the standardization of information and communication systems.
Generally Accepted System Security Principles Committee (GASSP) Formed in response to the report “Computers at Risk,” published by the U.S. National Research Council in 1990. That recommendation, “To promulgate comprehensive generally accepted system security principles,” sparked the genesis of a concerted effort to establish a well-balanced committee population representing key elements of the private and public sectors from both the United States and abroad. A subsidiary of International Information Security Foundation (I2SF). GASSP Pervasive Principles and Broad Functional Principles are now published on the MIT Web site. Printed copies are available from Auerbach Publishers and the Computer Security Institute.
German Information Technology Baseline Protection Manual The German Federal Agency for Security in IT (BSI – Bundesamt fur Sicherheit in der Informationstechnik) provides the IT Baseline Protection Manual in German and English (freely downloadable 1680-page PDF). The five main sections are:
- introduction & how to map an IT infrastructure to the manual;
- threat scenarios & safeguards;
- threat catalog;
- safeguard catalog;
- annexes, supplementary aids, forms, brief descriptions of tools, and list of registered users.
Globalspec The above is a search Website and may be used to locate products and services, learn about suppliers, and access technical content on standards, patents, specifications, designs, application notes and more.
Gold Standard for Windows 2000 Professional Consensus minimum security benchmarks for the Windows 2000 Professional operating environment are accepted by the U.S. National Security Agency (NSA), Defense Information Systems Agency (DISA), the National Institute for Standards and Technology (NIST), the National Infrastructure Protection Center (NIPC), the General Services Administration (GSA), the SANS Institute, and the Center for Internet Security. (See DISA IANewsletter: Gold Standard for Windows 2000 Professional.)
Guidelines for the Security of Information Systems (OECD) In 1990, the Information, Computer and Communications Policy (ICCP) Committee of the Organisation for Economic Cooperation and Development (OECD) created a group of experts to prepare information security guidelines. The final version of the Guidelines for the Security of Information Systems was adopted by the 24 OECD Member countries in November 1992. OECD Guidelines have been adopted or adapted by NIST, GASSPC, IFAC, IIA, NACD, and other organizations.
Information Security Forum (ISF) ISF is an independent association of organizations concerned with protecting business information and finding practical solutions to information security problems. ISF offers research publications on security topics, an annual congress, and a bi-annual information security status survey.
Institute for Security and Open Methodologies (ISECOM) The Institute for Security and Open Methodologies (ISECOM) provides collective information and tools under the open source licenses for free public use. This information is provided via the Internet and through social venues and conferences. ISECOM is a think-tank for developing new open standards and methodologies largely in security. All standards are open for international peer-review and are regularly updated to meet the demands of new technologies and the processes derived from them. The site provides news, mail list server, educational events, discussion forum, and certification.
Institute for the Certification of Computing Professionals (ICCP) Dedicated to the establishment of high professional standards for the computer industry, it promotes these standards by offering the only broadly applicable and internationally recognized certification program in the profession. Its examinations provide a practical means of assessment and achieving professional recognition.
Institute of Electrical and Electronics Engineers (IEEE) The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) is the leading developer of global industry standards in a broad-range of industries, including Information Technology, Power and Energy, Telecommunications, Transportation, Medical and Healthcare and Standards for new and emerging technologies such as Nanotechnology. In addition, to advance the theory and practice of electrical, electronics and computer engineering and computer science, IEEE sponsors conferences and symposia and meetings and publishes significant technical papers and standards. The IEEE developed the prominent 802® Standards for Local and Metropolitan Area Network Wireless and Wired networks. The 802® standards are available for free download from the Get IEEE 802® Web site.
IEEE has forty-two technical societies and technical councils many of which have groups actively working on developing standards. Here is a listing of several key groups who have publicly viewable Web sites.
- IEEE Communications Society It is a community comprised of a diverse group of industry professionals with a common interest in advancing all communications technologies. The Society sponsors publications, conferences, educational programs, local activities, technical committees, and standards.
- IEEE Computer Society Among its many technical activities it has a very active standards development organization lead by its Standards Activities Board (SAB) that provides an organizational framework and conducive environment within which to develop broadly accepted, sound, timely, and technically excellent standards that will advance the theory and practice of computing and information processing science and technology.
- IEEE EMC Society The IEEE Electromagnetic Compatibility Society (EMC) is the primary international developer of fundamental test and measurement standards for EMC
- IEEE Power and Energy Society Like it’s sister societies, it sponsors publications, conferences, educational activities, technical committees, and standards. The focus of the standards is on generation, transmission and distribution of electrical power.
- IEEE 802 Standards Committee develops Local Area Network standards and Metropolitan Area Network standards. The most widely used standards are for the Ethernet family, Token Ring, Wireless LAN, Bridging and Virtual Bridged LANs. An individual Working Group provides the focus for each area.
IEEE also offers a wealth of material on the standards development process. Here are a few useful Websites:
- IEEE Standards Development Online (provides a complete step-by-step guide to developing an IEEE Standard)
- IEEE SA Training Presentations (IEEE-SA Training Presentations)
Institution of Engineering and Technology (IET) Represents the public, professional and educational interest of over 140,000 electrical, electronic and manufacturing engineers worldwide. Key activities include publishing, the organization of conferences, maintenance of technical standards, interaction with government departments and the provision of scientific and technical information services.
International Electrotechnical Commission (IEC) Provides information on electrical, electronic, electrotechnical international standards.
International Organization for Standardization (ISO) ISO is a network of the national standards institutes of 148 countries, on the basis of one member per country, with a Central Secretariat in Geneva, Switzerland, that coordinates the system. Well known for ISO 9000 and ISO14000 standards.
International Telecommunications Union (ITU) The ITU headquartered in Geneva, Switzerland is an international organization where governments and the private sectors coordinate global telecom networks and services. It is a leading publisher of telecommunication technology, regulatory and standards information. It has three sectors: ITU-T, ITU-R, and ITU-D.
- The ITU-T membership develops recommendations for standards for the various fields of international telecommunications. ITU-T Study Group 19 focus on mobile telecommunication networks and is the lead study group on mobile telecommunication networks and for mobility. Including identification of existing and evolving IMT-2000 systems such as GSM, CDMA2000 and WCDMA.
- The ITU-R plays a role in the management of the RF spectrum and satellite orbits, finite natural resources which are increasingly in demand from a large number of services such as fixed, mobile, broadcasting, amateur, space research, meteorology, global positioning systems, and environmental monitoring.
- The ITU-D facilitates connectivity and access, foster policy, regulatory and network readiness, and formulates financing strategies for telecommunications development and e-enable enterprises in developing countries.
International Webmasters Association Provides and fosters professional advancement opportunities among individuals dedicated to or pursuing a Web career, and to work diligently to enhance their effectiveness, image, and professionalism as they attract and serve their clients and employers.
Internet Engineering Task Force (IETF) The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.
Internet Security Alliance The Internet Security Alliance (ISAlliance) provides a forum for sharing information about information-security issues and threats and works to identify and standardize security best practices and solutions. ISAlliance is a collaboration between the Electronic Industries Association and Carnegie Mellon University’s CERT Coordination Center and Software Engineering Institute.
Internet Society (ISOC) The Internet Society (ISOC) is a professional membership society with more than 150 organization and 11,000 individual members in more than 182 countries. It provides leadership in addressing issues that confront the future of the Internet, and is the organization home for the groups responsible for Internet infrastructure standards, including the Internet Engineering Task Force (IETF) and the Internet Architecture Board (IAB).
ISF Standard of Good Practice for Information Security The Standard of Good Practice for Information Security is produced by the Information Security Forum (ISF), an international membership association of more than 260 organizations, which fund and cooperate in the development of research in information security. The free publication promotes good practice in information security worldwide, helps organizations improve their level of security and reduce their information risk to an acceptable level, and assists in the development of practical and effective standards for reducing information risk.
National Electrical Manufacturers Association (NEMA) NEMA publishes over 500 standards and offers them for sale through Global Engineering, along with certain standards originally developed as American National Standards Institute (ANSI) or International Electrotechnical Commission (IEC) standards.
National Fire Protection Association (NFPA) NFPA develops, publishes, and disseminates more than 300 consensus codes and standards to help minimize the possibility and effects of fire and other risks.
National Information Standards Develops and promotes technical standards used in a wide variety of information services.
National Institute of Standards and Technology (NIST) NIST technology, measurements, and standards help U.S. industry invent and manufacture superior products reliably, ensure a fair marketplace for consumers and businesses, and promote acceptance of U.S. products in foreign markets.
National Physical Laboratory UK’s national measurement standards laboratory. It holds and maintains the UK reference standards for the basic units of mass, length, time, temperature, luminous intensity, and electrical current, as well as many of the derived units. It also undertakes research and development to meet the needs of new industries, such as information technology and materials.
National Security Institute The National Security Institute’s Web site features industry and product news, computer alerts, travel advisories, a calendar of events, a directory of products and services, and access to a virtual security library. Security technology, legislation, intelligence community, and terrorism.
NSSN: A National Resource for Global Standards Provides standards information to a broad constituency. Acts as a one-stop information repository.
OASIS The Organization for the Advancement of Structured Information Standards (OASIS) is an industry consortium that develops technical standards for electronic business applications. OASIS developed the extensible markup standard (XML) and continues to develop XML specifications for many applications.
OECD Guidelines for the Security of Information Systems, 1992 A foundation upon which countries and the private sector, acting independently or in concert, may construct a framework for security of information systems. GASSP, IFAC, and NIST principles are based on these guidelines.
Open Group The Open Group is an international vendor and technology-neutral, not-for-profit consortium offering organizations concerned with open information infrastructures a forum to share knowledge, integrate open initiatives, and certify approved products and processes in an impartial manner. Open Group offers certification, testing, forums, initiatives, conferences, research, and membership.
Open Platform for Security (OPSEC) OPSEC is an open, multi-vendor security framework for providing best-of-breed integrated applications and deployment platforms. Lead company Checkpoint Systems offers two product interoperability certification programs, “Check Point OPSEC Certified” for applications and “Secured by Check Point” for platforms.
Project Management Institute (PMI) PMI is a nonprofit professional association in the area of project management. PMI establishes standards, provides seminars, educational programs, and professional certification for project leaders.
Scientific and Technical Information Network (STINET) Public STINET provides access to citations of unclassified unlimited documents that have been entered into the Defense Technical Information Center’s (DTIC) technical reports collection from December 1974, as well as the electronic full-text of many of these documents. Public STINET also provides access to the DoD Index to Specifications and Standards. Users may access specifications and standards located on the Defense Automation & Production Service (DAPS) database. DTIC also makes available sensitive and classified information to eligible users.
Security Industry Association (SIA) The Security Industry Association (SIA), an international trade association with more than 300 member companies representing manufacturers, distributors, service providers, and integrators, promotes growth, expansion, and professionalism within the security industry. SIA provides education, research, technical standards, representation, and defense of members’ interests. SIA members are involved in market segments such as, CCTV, access control, biometrics, computer security, fire/burglar alarms, and home automation. Members work together to address issues facing the industry and develop programs to enhance the environment in which they sell products and services.
Security Requirements for Cryptographic Modules, FIPS 140-2 Security requirements cover 11 areas related to the design and implementation of a cryptomodule. Within most areas, a cryptomodule receives a security level rating (1-4, from lowest to highest), depending on what requirements are met. For other areas that do not provide for different levels of security, a cryptomodule receives a rating that reflects fulfillment of all of the requirements for that area.
Software Process Improvement and Capability Determination A major international initiative to develop a Standard for Software Process Assessment.
Techstreet Provides industry standards and technical books from hundreds of organizations. Many are downloadable PDF files. Telecommunications Industry Association (TIA) The TIA is an U.S. trade association assisting the member companies in communications and information technology industry in market development, trade shows, domestic and international advocacy, standards development and enabling e-business.
The Web Standards Project A coalition of web developers and users with the mission to “stop the fragmentation of the web, by persuading browser makers that standards are in everyone’s best interest.”
Underwriters Laboratories (UL) UL has developed more than 800 Standards for Safety. Millions of products and their components are tested to UL’s safety standards.
U.S. Department of Defense – Specifications and Standards (DoDISS) Full text DoD Specifications and Standards located on the Defense Automated Printing Service (DAPS), eAccess database. Full text documents available in Portable Document Format.
U.S. Department of Energy (DOE) Technical Standards The mission is to enhance DOE’s transition to a standards-based culture by providing information, coordinating activities, and promoting the use of consensus standards, and when needed, the development of DOE technical standards.
U.S. Environmental Protection Agency EPA works to develop and enforce regulations that implement environmental laws enacted by the U.S. Congress. EPA is responsible for setting national standards for a variety of environmental programs, and delegates to states and tribes the responsibility for issuing permits and for monitoring and enforcing compliance. Where national standards are not met, EPA can issue sanctions and take other steps to assist the states and tribes in reaching the desired levels of environmental quality.
U.S. Government Auditing Standards Government Auditing Standards (The Yellow Book) Links to current Government Auditing Standards, exposure drafts currently out for comment, and related information. Provides an electronic codification of Government Auditing Standards.
U.S. National Information Assurance Partnership (NIAP) The National Information Assurance Partnership (NIAP) is a U.S. Government initiative to meet the security testing needs of IT producers and users. The program is intended to foster the availability of objective measures and test methods for evaluating the quality of IT security products, and the development of commercial testing laboratories that can provide the testing and evaluation services to meet the demands of producers and users. The program should help producers increase the value and competitiveness of their products in the U.S. and abroad through the availability of formal, independent testing and certificates of validation. NIAP efforts will help public and private sectors users by providing a sound and reliable basis for the evaluation, comparison, and selection of security products.
Video Electronics Standards Association To promote and develop timely, relevant, open display and display interface standards, ensuring interoperability, and encouraging innovation and market growth.
Wireless Ethernet Compatibility Alliance, The (WECA) The Wireless Ethernet Compatibility Alliance (WECA) mission is to certify interoperability of Wi-Fi (Wireless Fidelity, IEEE 802.11) products and to promote Wi-Fi as the global wireless LAN standard across all market segments. Site provides articles, press releases, case studies, background, studies/reports, photos, videos, briefings & presentations.
World Wide Web Consortium (W3C) The World Wide Web Consortium (W3C) develops interpretable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential as a forum for information, commerce, communication, and collective understanding. This page provides W3C news plus links to information about W3C technologies and getting involved in W3C.