In the interest of transparency, older versions of the draft documents—plus adjudication—will be found here on the Archive page.
Please refer to Drafts under the Published Products page to see the most recent version of the draft documents available.
ISAO 600-1: A Framework for State-Level Information Sharing and Analysis Organizations v0.1
Information sharing at the state, local, tribal, and territorial (SLTT) level should be targeted for expansion. Many private and governmental entities, however, have not yet undertaken effective cybersecurity threat information sharing, some out of reluctance, others for lack of knowledge. Accordingly, this primer provides a resource for facilitating effective cybersecurity sharing and analysis within states for those already participating in the arena and for those who should be.
ISAO 700-1: Introduction to Analysis v0.1
The purpose of this document is to assist ISAOs by providing a more in-depth review of the foundational services and capabilities of an ISAO: collection and dissemination, facilitate member sharing, analyze information, and surveying members. This in turn will give ISAOs a better understanding of how they can operationalize the technical, analytical, and personnel that are built around those capabilities and services.
ISAO 200-1: Foundational Services and Capabilities v0.2
The purpose of this document is to assist ISAOs by providing a more in-depth review of the foundational services and capabilities of an ISAO: collection and dissemination, facilitate member sharing, analyze information, and surveying members. This in turn will give ISAOs a better understanding of how they can operationalize the technical, analytical, and personnel that are built around those capabilities and services.
Solicitation for a Discussion on an ISAO Certification Model
The ISAO SO has set out to create the conditions for a deep, broad, and rich network of information-sharing organizations. One potential mechanism for promoting a scalable and sustainable information-sharing environment is a voluntary certification process. The purpose of establishing certifications is to promote rapidly scalable growth within a strong and healthy sharing community. To that end, certification requirements must not create a significant barrier to entry for newly forming...
ISAO 200-1: Foundational Services and Capabilities v0.1
Appendix A of the ISAO100-2 publication introduced a list of services and capabilities that ISAOs offer and perform. Those services and capabilities were categorized into Foundational, Advanced, and Unique. The purpose of this document is to assist ISAOs by providing a comprehensive review of the foundational services and capabilities of an ISAO: collection and dissemination, facilitate member sharing, analyze information, and surveying members. This in turn will give ISAOs a deeper...
ISAO SP 8000: Frequently Asked Questions for ISAO General Counsels v0.02
Broadening participation in voluntary information sharing is an important goal, the success of which will fuel the creation of an increasing number of Information Sharing and Analysis Organizations (ISAOs) across a wide range of corporate, institutional and governmental sectors. While information sharing had been occurring for many years, the Cybersecurity Act of 2015 (Pub. L. No. 114-113) (CISA) was intended to encourage participation by even more entities by adding certain express...
ISAO SP 1000: Forming a Tax-Exempt Entity v0.01
This document serves as a high-level overview of tax-exempt legal entity formation options under the Internal Revenue Code (the “Code”) for Information Sharing and Analysis Organizations (ISAOs). This document does not provide an overview of other federal taxes, non-tax considerations, or state law considerations in choosing an entity type for an ISAO.
ISAO SP 4000: Guiding Practices to Advance Consumer Privacy in Cybersecurity Information Sharing v0.01
In September 2016, the Information Sharing and Analysis Organization Standards Organization published ISAO 300-1: Introduction to Information Sharing. Section 9, Information Privacy, included core and supporting principles for consideration by entities in establishing an ISAO. This document supplements that high level guidance to further assist entities as they assess the potential privacy implications of cybersecurity information sharing. It builds upon the core and supporting principles by...
ISAO 100-1: Introduction to Information Sharing and Analysis Organizations (ISAOs) v1.0
This document serves as an introduction to the topic of Information Sharing and Analysis Organizations (ISAOs) and to the series of documents developed to assist newly forming ISAOs. The establishment of ISAOs allows communities of interest to share cyber threat information with each other on a voluntary basis and to then analyze the shared information to provide guidance or assistance to ISAO members. The goal is to create deeper and broader networks of information sharing to elevate the...
ISAO 100-2: Guidelines for Establishing an Information Sharing and Analysis Organization (ISAO) v1.0
The purpose of this document is to provide a set of guidelines for establishing an Information Sharing and Analysis Organization (ISAO). First, a set of key strategic planning factors is provided to help emerging ISAOs consider the most critical questions early in the process. These strategic planning factors will then guide and inform consideration of a series of key operational factors. Finally, a section on building a trusted community offers a set of key considerations for establishing...
ISAO 300-1: Introduction to Information Sharing v1.0
The purpose of this document is to provide an introduction to cybersecurity information sharing. The intent is to provide a foundation for those trying to understand the basics of information sharing as it relates to Information Sharing and Analysis Organizations (ISAOs). This document describes a conceptual framework for information sharing, information sharing concepts, the types of cybersecurity information an organization may want to share, ways an organization can facilitate information...
ISAO 600-2: US Government Relations, Programs, and Services v1.0
The objective of this guide is to identify preliminary matters of policy and principles, state and local government perspectives, and relevant federal laws regarding cybersecurity information sharing within the United States. Developing trust within and across an information sharing ecosystem that involves both the public and private sectors is a major consideration for all collaborating entities, particularly in the areas of information sharing and privacy, the role of government, and...
ISAO 600-1 U.S. Government Relations, Programs, and Services v0.4 (SWG6)
The objective of this guide is to identify preliminary matters of policy and principles, state and local government perspectives, and relevant federal regulations regarding information sharing within the United States. Developing trust between the U.S. government and ISAOs is a major consideration for all parties, particularly in the area of information sharing and privacy. This document also addresses considerations for ISAO interaction with the intelligence community, law enforcement...
ISAO 100-1 Guidelines for Establishing an ISAO v0.1
These guidelines serve to address the needs for newly forming Information Sharing and Analysis Organizations (ISAOs). Designed to take into consideration the different types of ISAOs that may be formed and the capabilities each may incorporate, it presents an organized approach to the various topics pertinent to ISAOs while considering the immediate needs of emerging ISAOs. As this is a draft document that will continue to be edited and refined until its release in Fall 2016, sections that...
Government Relations Considerations v0.2 (SWG6)
The Role of Government Subgroup of Standards Working Group 6, Government Relations, has conducted its initial review of the tasks that it has been charged to perform as part of the ISAO Standards Organization’s efforts to issue guidance to existing and emerging ISAOs. The first report of the Role of Government Subgroup provides a consensus view concerning the scope, strategy, and outputs related to the role in which government agencies should participate in ISAO efforts nationally.
Government Programs and Services Available to Assist ISAOs v0.2 (SWG6)
The purpose of this voluntary ISAO Standards Organization guide is to assist ISAOs, both new and existing, in identifying existing resources and services—primarily those provided by the government—that may be of use to their organization. Much of this guide is aligned with the five cybersecurity framework function areas. As such, it outlines resources and services available to help ISAOs identify, protect from, detect, respond to, and recover from cyber threats and incidents.
ISAO Support Intake Process v0.2 (SWG5)
The Support Intake Process introduces and outlines five key processes that SWG 5/Support has identified and is researching and developing to support ISAO SO intake and sustained engagement with organizations and ISAOs relevant to its support mission. These process areas include Intake, Checklists, Alignment, Mentoring, and Feedback.
Security v0.2 (SWG4)
Security measures are critical to protect the cyber threat information that ISAOs and their members share. ISAOs that choose to work with the U.S. Department of Homeland Security will have other requirements to review as well, in addition to existing regulatory and legal cybersecurity requirements at the state, local, federal, and international level. This draft document lays out the initial types of issues ISAOs should consider and discuss with their membership. It is not intended to be a...
Privacy v0.2 (SWG4)
Measures to protect privacy are critical to ensure that the cyber threat information ISAOs and their members share shields private or sensitive information from unauthorized disclosure. ISAOs that choose to work with the U.S. Department of Homeland Security will have other privacy-related requirements to review as well, in addition to existing regulatory and legal privacy requirements at the state, local, federal, and international level. This draft document lays out the initial types of...
Cybersecurity-Related Information Sharing Guidelines v0.2 (SWG3)
The ISAO Standards Organization recognizes that not all new ISAOs may initially be able or desire to fully achieve these objectives. The information sharing guideline is structured to provide a new or existing ISAO with a context identifying outcomes to be considered when selecting and implementing its information sharing and collaboration efforts. In addition to a context framework and information uses, we also present a functional decomposition of possible ISAO information sharing...
ISAO Capabilities and Categories v0.2 (SWG2)
This document presents proposed draft information designed to assist ISAOs with capabilities to consider as they become part of a national ecosystem of cyber information sharing and analysis. ISAOs may develop in many different ways, and each may choose different capabilities driven by the needs of their members. The goal is to offer some prospective choices, options, and ideas regarding capabilities that may prove beneficial in serving members and addressing their particular threat and...
ISAO Startup Topics v0.2 (SWG1)
This document, and its separate sections, is designed to take into consideration the different types of ISAOs that may be formed and the various levels of capabilities each may incorporate. It provides an overall organized approach to developing the various documents pertinent to ISAOs, while considering the immediate needs of emerging ISAOs. Individual Standards Working Groups will develop and refine specific sections of this document in coordination with other SWGs as directed by the ISAO...
ISAO SO Product Outline v0.2
The product outline serves as a unifying framework to identify and organize the topics to be addressed by the ISAO Standards Organization (ISAO SO). It is designed to take into consideration the different types of ISAOs that may be formed and the various levels of capabilities each may incorporate. It presents an organized approach to developing the various documents pertinent to ISAOs while considering the immediate needs of emerging ISAOs.