Our comprehensive standards-based security programs enable organizations to evaluate their security in accordance with the Federal Information Security Management Act (FISMA) and as defined in the five-level Security Assessment Framework (SAF). We also support compliance with regulatory requirements in the commercial sector such as GLBA, HIPAA, and Sarbanes-Oxley, international standards such as ISO-17799, and industry best practices.
In short, we use and refer to the standards and controls applicable to your organization, based on the industry you serve:
- Information Systems Security Assessment Framework (ISSAF)
- HIPAA/HITECH Security, Privacy and Breach Notification Rules
- Generally Accepted Privacy Principles (GAPP)
- General Data Protection Regulation (GDPR)
- ISO/IEC 27001-2:2013
- CIS Top 20 Critical Security Controls (CA AG)
- SEC OCIE Cybersecurity Initiative
- NIST Cybersecurity Framework