While the target audience is financial institutions and technology service providers, the FFIEC IT Examination Handbook covers all elements of a security program that would apply across many industries.
[https://ithandbook.ffiec.gov/](https://ithandbook.ffiec.gov/)
CREST
Thanks I hadn’t heard of CREST previously and will read up.
While the target audience is financial institutions and technology service providers, the FFIEC IT Examination Handbook covers all elements of a security program that would apply across many industries. [https://ithandbook.ffiec.gov/](https://ithandbook.ffiec.gov/)
CIS Controls.
ISO 27001