Q: Where can I get a consolidated list of IT best practices for the finance industry?
A: In the US, the best path is to go with FFIEC. The FFIEC IT Examination Handbook is the source for technology-related risk management considerations for financial institutions. You can get a lot of documentation from the following URL:
http://www.ffiec.gov/ffiecinfobase/index.html
In some countries, the banking regulation and supervision agencies enforce Control Objectives for Information and related Technology (COBIT), which is developed by the IT Governance Institute (ITGI). You can find more information at the following URL:
http://www.isaca.org/cobit/
As discussed above, ISO forms the standards and best practices in information security. There are several standards. The following URL will be very helpful for understanding what is out there for ISO. It also discusses SSE-CMM and ITIL in security:
http://www.unob.cz/spi/2007/presentace/2007-May-02/01-Novak-Standards.ppt
That being said, Basel II will be a global requirement for risk management in financial services. Basel II encourages banks to identify the risks, and to develop or improve their ability to manage those risks. You should check that one.
SOX and JSOX still apply to publicly traded companies in the US and Japan. COBIT is the framework.
PCI DSS is the framework that applies where credit card data is stored, transmitted and processed.
US government entities use NIST best practices. Check the following link for references:
http://csrc.nist.gov/publications/CSD_DocsGuide.pdf
Let me know if you have any specific questions,
regards,
- yinal ozkan
Saturday, October 27, 2007