Frameworks
FERPA
FERPA is a U.S. federal law that safeguards the privacy of student education records, granting parents and eligible students rights to access, amend, and control the disclosure of personally identifiable information from these records.
ISO 27003
ISO 27003 provides guidance on implementing an Information Security Management System (ISMS) based on ISO 27001, including planning, establishing, maintaining, and improving the ISMS framework to ensure effective information security management within an organisation.
NIST CSF v2.0
The NIST Cybersecurity Framework (CSF) v2.0 provides voluntary guidelines to help organisation's manage and reduce cybersecurity risks, emphasising flexibility, scalability, and alignment with industry standards to enhance cyber resilience across sectors.
ZERO TRUST
A security model that assumes no implicit trust, requiring verification of every user, device, and application attempting to access network resources. It emphasises continuous monitoring, least privilege access, and strict identity verification to protect against internal and external threats.
.png)
GDPR
The General Data Protection Regulation (GDPR) is a landmark regulation enacted by the European Union (EU) that governs data protection and privacy for individuals within the EU and the European Economic Area (EEA). Effective since May 25, 2018, GDPR sets strict guidelines for collecting, processing,...
NIST AI RMF
The NIST AI Risk Management Framework (AI RMF) provides guidelines for organizations to manage risks associated with artificial intelligence. It focuses on fostering trustworthy AI by promoting transparency, fairness, accountability, and security throughout the AI lifecycle.
.jpg)
CMMC L2
Cybersecurity is a top priority for the Department of Defense. The Defense Industrial Base (DIB) is the target of more frequent and complex cyberattacks. To protect American ingenuity and national security information, the DoD developed the Cybersecurity Maturity Model Certification (CMMC) 2.0 progr...
.svg)
PCI DSS v4.0
The Payment Card Industry Data Security Standard (PCI DSS) 4.0 represents the latest evolution of the PCI DSS framework, designed to enhance the security of payment card data and adapt to the changing threat landscape. Released in March 2022, PCI DSS 4.0 introduces updates and new requirements to ad...
NIST 800-53 PRIVACY
NIST 800-53 Privacy focuses on controls for managing and protecting personal data in information systems. It provides guidelines for safeguarding privacy and ensuring compliance with privacy laws and regulations, addressing data collection, use, and sharing practices.