The SANS Institute has released critical security controls for cyber defense agreed to by a consortium of agencies. The group includes the NSA, US Cert, DoD, JTF-GNO, the Department of Energy Nuclear Laboratories, Department of. Energy Nuclear. Laboratories,. Department.of State,. DoD Cyber Crime Center, and the top commercial forensics and pen testers that serve the banking and critical infrastructure communities, according to the SANS website. Read the Sans Institute consensus audit guidelines.
Source: https://threatpost.com/top-20-critical-controls-sans-institute-042010/73854/