CCPA (California Consumer Privacy Act)

A California state law that gives residents control over their personal information. It grants rights such as knowing what data a business collects, opting out of the sale of that data, and requesting deletion (the California Privacy Rights Act, CPRA, later expanded these rights). Covered businesses must meet transparency obligations and maintain reasonable security for the personal information they hold.

CIS V8 (Center for Internet Security's Critical Security Controls Version 8)

A prioritized set of 18 cybersecurity safeguards published by the Center for Internet Security to help organizations protect their systems and data against common threats. The controls cover areas such as asset and software inventory, data protection, secure configuration, account and access management, vulnerability management, logging, network defense, and incident response, and are grouped into three Implementation Groups (IG1 to IG3) so that organizations can adopt them in stages according to their size and risk.

CMMC (Cybersecurity Maturity Model Certification)

A framework developed by the U.S. Department of Defense (DoD) to assess and certify the cybersecurity practices and maturity of defense contractors and subcontractors that handle federal contract information and controlled unclassified information. Its requirements are drawn largely from NIST SP 800-171, with higher levels adding practices from NIST SP 800-172.

COBIT (Control Objectives for Information and Related Technologies)

A framework developed by ISACA (Information Systems Audit and Control Association) for the governance and management of enterprise IT, providing best practices and guidelines for IT governance, risk management, and compliance.

FERC (Federal Energy Regulatory Commission) Compliance

Compliance with regulations established by the FERC for the energy industry, including the reliability and Critical Infrastructure Protection (CIP) cybersecurity standards developed by NERC that FERC approves and enforces for the bulk electric system, as well as market oversight rules.

FERPA (Family Educational Rights and Privacy Act)

A U.S. federal law that protects the privacy of student education records. It gives parents rights over their children's records, including the right to inspect them and to consent to most disclosures; these rights transfer to the student once they turn 18 or attend a postsecondary institution.

FISMA (Federal Information Security Management Act)

A U.S. federal law (enacted in 2002 and updated by the Federal Information Security Modernization Act of 2014) that defines a comprehensive framework for securing federal government information systems, including requirements for risk management, security controls, and reporting. Agencies implement it largely through NIST guidance such as the Risk Management Framework and the SP 800-53 control catalog.

GDPR (General Data Protection Regulation)

A comprehensive privacy regulation enacted by the European Union (EU) to protect the personal data of individuals in the EU and EEA, regardless of their citizenship. It applies to organizations established in the EU and to organizations elsewhere that offer goods or services to, or monitor the behaviour of, people in the EU.

HIPAA (Health Insurance Portability and Accountability Act)

A U.S. federal law that sets standards for the protection of protected health information (PHI), including privacy, security, and breach notification requirements for healthcare providers, health plans, healthcare clearinghouses, and the business associates that handle PHI on their behalf.

ISO 14001 (International Organization for Standardization)

A globally recognized standard for environmental management systems (EMS), providing requirements for organizations to establish, implement, maintain, and improve their environmental performance.

ISO 20000 (International Organization for Standardization)

A globally recognized standard for service management systems (SMS), providing requirements for organizations to establish, implement, maintain, and continually improve their service management processes.

ISO 9001 (International Organization for Standardization)

A globally recognized standard for quality management systems (QMS), providing requirements for organizations to demonstrate their ability to consistently provide products and services that meet customer and regulatory requirements.

ISO/IEC 27001 (International Organization for Standardization)

A widely recognized, certifiable standard for information security management systems (ISMS), providing requirements for organizations to establish, implement, maintain, and continually improve their information security processes, including a risk assessment and treatment process and a reference set of controls in Annex A.

ITAR (International Traffic in Arms Regulations)

A set of U.S. government regulations, administered by the State Department, that control the export and import of defense-related articles, services, and technical data on the United States Munitions List (USML). Because technical data is covered, access to ITAR-controlled information by non-U.S. persons, including through cloud or IT services, counts as an export and is restricted.

ITIL (Information Technology Infrastructure Library)

A framework of best practices for IT service management that focuses on aligning IT services with the needs of the business and delivering value to customers.

NIST Cybersecurity Framework

A voluntary framework developed by the National Institute of Standards and Technology (NIST) to help organizations manage and reduce cybersecurity risks. It organizes outcomes into core functions (Identify, Protect, Detect, Respond, Recover, and, in version 2.0, Govern) that organizations map to their own controls and maturity.

PCI DSS (Payment Card Industry Data Security Standard)

A set of security requirements, maintained by the PCI Security Standards Council, designed to ensure that companies that accept, process, store, or transmit payment card data maintain a secure environment to protect cardholder data, including the primary account number.

Sarbanes-Oxley Compliance

Adherence to the requirements of the Sarbanes-Oxley Act, including the establishment and assessment of internal controls over financial reporting (Section 404) to ensure the accuracy and integrity of financial statements. In practice this includes IT general controls such as access management and change control for systems that support financial reporting.

SOC 2 (System and Organization Controls 2)

An attestation framework defined by the AICPA for auditing and reporting on a service organization's controls against the Trust Services Criteria: security (required), availability, processing integrity, confidentiality, and privacy. A Type I report assesses control design at a point in time; a Type II report also tests operating effectiveness over a period.

SOX (Sarbanes-Oxley Act)

A U.S. federal law that sets requirements for public company boards, management, and public accounting firms regarding financial reporting and disclosure, internal controls, and audit processes.
