In order to meet technical and other requirements, organisations use frameworks that provide best practices and guidelines to assist in improving security, meeting regulatory requirements, optimizing business processes and performing other tasks that improve and boost the business.

Several cybersecurity compliance frameworks are available, including the following:

  • Consortium for IT Software Quality (CISQ)
  • Control Objectives for Information Related Technology (COBIT)
  • Federal Risk and Authorization Management Program (FedRAMP)
  • National Institute of Standards and Technology (NIST)
  • Privacy Shield
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Sarbanes-Oxley (SOX)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • International Organization for Standardization (ISO)
  • General Data Protection Regulation (GDPR)

Let's understand the work of these frameworks:

Consortium for IT Software Quality (CISQ) – It develops standards for measuring the structural quality and the size of software applications.

Control Objectives for Information Related Technology (COBIT) – It is a framework developed to address the issue of risk reduction in financial organizations.

Federal Risk and Authorization Management Program (FedRAMP) – It is a framework that provides a standardized way for government agencies to evaluate the risks of cloud-based software solutions and infrastructure platforms.

National Institute of Standards and Technology (NIST) – A framework for improving critical infrastructure cybersecurity, with the goal of improving an organization's readiness for managing cybersecurity risk by leveraging standard methodologies and processes.

Privacy Shield – A framework issued to ensure that US companies complied with European Union (EU) data protection standards when transferring EU data across borders.

Payment Card Industry Data Security Standard (PCI DSS) – A set of security controls required to protect the security of payment account details, such as credit card, debit card, and cash card transactions.

Sarbanes-Oxley (SOX) – It established a framework setting out mandatory controls for public companies.

Health Insurance Portability and Accountability Act (HIPAA) – It is a framework governing the activities of anyone who collects, stores, or processes personal health information (PHI). This includes hospitals, clinics, medical services providers, and insurance companies.

International Organization for Standardization (ISO) 27001/27002 – These include the best practices for information security management and information security program elements.

General Data Protection Regulation (GDPR) – It is a compliance framework setting out rigorous conditions, guidelines, and penalties for organizations and individuals that collect, store, and process the personal information of European Union (EU) citizens and residents, in order to protect the data privacy of individuals.


About DocTooLss :

“We make Technology EaZy via Docs”

Follow us @doctools8 | WordPress: www.doctoolss.wordpress.com | Website: www.doctoolss.com | Facebook: https://www.facebook.com/DTdoctoolss/
