Of course also worth mentioning is ISO 27001:2013 which is the international industry standard for information security. It specifies an management system (ISMS) that control many types of risks related to Information Security. See https://en.wikipedia.org/wiki/ISO/IEC_27001
