
An Introduction to Information Security (2017) [pdf] - rayascott
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf
======
sgt
Of course also worth mentioning is ISO 27001:2013 which is the international
industry standard for information security. It specifies an management system
(ISMS) that control many types of risks related to Information Security. See
[https://en.wikipedia.org/wiki/ISO/IEC_27001](https://en.wikipedia.org/wiki/ISO/IEC_27001)

