
Frameworks

SPRS VQ

Supplier Performance Risk System (SPRS)

SPRS is a procurement risk analysis tool for the areas of Price, Item, and Supplier risk. The Price Risk tool compares industry prices to the average price paid by the government. The Item Risk tool flags items identified as high risk (based on critical...

GLBA

The Gramm-Leach-Bliley Act (GLBA) mandates financial institutions to protect customers' nonpublic personal information (NPI). It requires implementing robust security measures, providing clear privacy notices, offering opt-out options, and ensuring third-party compliance. GLBA focuses on safeguardin...

Vendor Certification Validation_VQ

This questionnaire collects and validates information about third-party vendors, suppliers, and partners to ensure compliance with organizational standards validated by a third-party assessor.

FERPA

FERPA is a U.S. federal law that safeguards the privacy of student education records, granting parents and eligible students rights to access, amend, and control the disclosure of personally identifiable information from these records.

ISO 27003

ISO 27003 provides guidance on implementing an Information Security Management System (ISMS) based on ISO 27001, including planning, establishing, maintaining, and improving the ISMS framework to ensure effective information security management within an organisation.

NIST CSF v2.0

The NIST Cybersecurity Framework (CSF) v2.0 provides voluntary guidelines to help organisations manage and reduce cybersecurity risks, emphasising flexibility, scalability, and alignment with industry standards to enhance cyber resilience across sectors.

ZERO TRUST

A security model that assumes no implicit trust, requiring verification of every user, device, and application attempting to access network resources. It emphasises continuous monitoring, least privilege access, and strict identity verification to protect against internal and external threats.

GDPR

The General Data Protection Regulation (GDPR) is a landmark regulation enacted by the European Union (EU) that governs data protection and privacy for individuals within the EU and the European Economic Area (EEA). Effective since May 25, 2018, GDPR sets strict guidelines for collecting, processing,...

NIST AI RMF

The NIST AI Risk Management Framework (AI RMF) provides guidelines for organizations to manage risks associated with artificial intelligence. It focuses on fostering trustworthy AI by promoting transparency, fairness, accountability, and security throughout the AI lifecycle.