Compliance Frameworks:
By 2020, 50% of all companies will have a control framework in place
- Provides an organized structure
- Meets regulatory compliance and best practices
A Control Framework includes:
- Controls
- Policies
- Evidence
- Provides Proof of Compliance
The Compliance Standards include:
- ISO/IEC 27001 - ISO information security standard
- HIPAA - Health Insurance Portability and Accountability Act of 1996
- SEC - US Securities and Exchange Commission
- PCI DSS - Payment Card Industry Data Security Standard
- GLBA - Gramm–Leach–Bliley Act 1999 - US Financial Services Modernization Act
- NIST - National Institute of Standards and Technology
- NYDFS - New York State Department of Financial Services
- FFIEC - Federal Financial Institutions Examination Council
- FINRA - Financial Industry Regulatory Authority, Inc.
- EU GDPR - General Data Protection Regulation
- PII - Personally Identifiable Information