The purpose of this document is to provide a set of guidelines for establishing an Information Sharing and Analysis Organization (ISAO). First, a set of key strategic planning factors is provided to help emerging ISAOs consider the most critical questions early in the process. These strategic planning factors will then guide and inform consideration of a series of key operational factors. Finally, a section on building a trusted community offers a set of key considerations for establishing trust. Trust is critical to establishing a successful ISAO with active participation and cybersecurity information sharing among members.
As a set of guidelines and key considerations, this document is not prescriptive in nature. Instead, the document guides the reader through the most critical items to consider. Establishing an ISAO that meets the needs of a growing membership is an iterative process, and these guidelines are intended to help organizers establish an ISAO and evolve it to keep in step with its members’ changing needs.
If you are having trouble viewing this document, we recommend either saving the document before opening it or switching to a different browser.
If you have any comments or suggestions relating to this document, you may submit them using our published product comment form.