The MPAA is also pleased to release a trending report on the facilities that were visited by the calendar year when the inspection occurred. Each report provides a summary of trends and observations.
Download 2012 Trending Report
Download 2010 Trending Report
International Organization for Standardization (ISO), Standard 27001. Information technology — Security techniques — Information security management systems — Requirements, October 2005.
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=42103
International Organization for Standardization (ISO), Standard 27002. Information technology — Security techniques — Code of practice for information security management, July 2007.
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=50297
International Organization for Standardization (ISO), Standard 27005. Information technology — Security technique- Information security risk management, June 2008.
http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=56742
National Institute of Standards and Technology Special Publication 800-53. Recommended Security Controls for Federal Information Systems, February 2005.
http://csrc.nist.gov/publications/nistpubs/800-53-Rev3/sp800-53-rev3-final_updated-errata_05-01-2010.pdf
National Institute of Standards and Technology Special Publication IR 7298. Glossary of Key Information Security Terms, April 2006.
http://csrc.nist.gov/publications/nistir/ir7298-rev1/nistir-7298-revision1.pdf
SysAdmin, Audit, Networking, and Security (SANS Institute). Glossary of Terms Used in Security and Intrusion Detection.
http://www.sans.org/resources/glossary.php#m
The Open Web Application Security Project (OWASP) — Testing Guide.
http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf
National Institute of Standards and Technology Special Publication 800-88. Guidelines for Media Sanitization, September 2006.
http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
National Industrial Security Program — Operating Manual (DoD 5220.22-M), February 2006.
http://www.fas.org/sgp/library/nispom/nispom2006.pdf
The Center for Internet Security — Security Benchmarks.
http://benchmarks.cisecurity.org/en-us/?route=default
National Security Agency — Security Configuration Guides.
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/index.shtml
National Institute of Standards and Technology Special Publication 800-92. Guide to Computer Security Log Management, September 2006.
http://csrc.nist.gov/publications/nistpubs/800-92/SP800-92.pdf
National Institute of Standards and Technology Special Publication 800-44. Guidelines on Securing Public Web Servers, September 2007.
http://csrc.nist.gov/publications/nistpubs/800-44-ver2/SP800-44v2.pdf
National Institute of Standards and Technology Special Publication 800-40. Creating a Patch and Vulnerability Management Program, November 2005.
http://csrc.nist.gov/publications/nistpubs/800-40-Ver2/SP800-40v2.pdf
In 2012, the MPAA will provide links to other organizations or entities where you can receive information about how your facility can obtain certification and/or accreditation from a recognized body.