GRC
If you're going to be successful running a security and audit practice, you're going to have to become well versed in the many security frameworks that are out there now.
Depending on your industry, there are some great security frameworks available. You will also want to dig into, and understand, your specific industry's regulatory requirements. As you venture into the GRC (Governance, Risk, and Compliance) world, you will see some names continue to bubble up. Some of those will be NIST CSF 2.0, COBIT, CIS, ISO 27000, PCI-DSS, and HIPAA.
As you study through the seemingly endless volumes of information from the various providers you will eventually begin to see that there is an incredible amount of overlap between all of the frameworks.
A great place to start would be to become familiar with the latest NIST CSF 2.0 framework and the NIST SPs that support it. You can get started by going here:
NIST SP 800 Series General Information