Home Compliance Standards
Category:

Compliance Standards

Staying informed about all of the cyber security compliance standards is essential to keeping your company safe from hackers. Read on to learn about the various steps you can take to stay up to date with your industry’s compliance standards.

cui
CMMC

What is Controlled Unclassified Information?

by RSI Security
written by RSI Security

Companies contracted with the Department of Defense (DoD) come into contact with sensitive information constantly. That’s why they need to comply with cybersecurity frameworks like the Cybersecurity Maturity Model Certification (CMMC) to retain preferred contractor status. One of the primary data types CMMC is designed to protect is the class of information known as “controlled unclassified information” (CUI).

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
NIST 800-171 Assessment Methodology Overview
NIST 800-171 / DFARS

NIST 800-171 Assessment Methodology Overview

by RSI Security
written by RSI Security

The Defense Industrial Base (DIB) sector is a vast business network containing some of the most critical infrastructures in the US. Working in partnership with or for the Department of Defense (DoD) as a contractor can be lucrative, but that comes at the cost of high risks to your own company and the safety of all Americans. That’s why you’ll need to ensure compliance with various DoD cybersecurity frameworks, and the NIST 800-171 assessment methodology is a critical first step in that direction. 

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
iso
HITRUST

Beginner’s Guide to HITRUST ISO 27001 Mapping

by RSI Security
written by RSI Security

Companies looking to expand their horizons in an increasingly mobile business environment are likely to face shifting, overlapping, and even conflicting compliance needs. The goal of “mapping frameworks” (or optimizing practices to satisfy multiple frameworks’ controls) minimizes inefficiencies while meeting all security requirements.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
assessment
CMMC

Who are the CMMC-AB and What do They Do?

by RSI Security
written by RSI Security

The Cybersecurity Maturity Model Certification (CMMC) is a new regulatory framework that will soon be required for all contractors with the US Department of Defense (DoD). These contracts can be lucrative, but they’re hard to lock down without preferred status. For that, your business will need to work on getting certified through a qualified assessor accredited by the CMMC Accreditation Body (CMMC-AB).

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
A Beginner’s Guide for HITRUST to ISO 27001 Mapping
HITRUST

A Beginner’s Guide for HITRUST to ISO 27001 Mapping

by RSI Security
written by RSI Security

Companies looking to expand their horizons in an increasingly mobile business environment are likely to face shifting, overlapping, and even conflicting compliance needs. The goal of “mapping frameworks” (or optimizing practices to satisfy multiple frameworks’ controls) minimizes inefficiencies while meeting all security requirements.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Technical
SOC 2

Who Needs to be SOC 2 Compliant?

by RSI Security
written by RSI Security

Depending on your business and clientele, you may need to comply with security requirements established by the American Institute of CPAs (AICPA). The System and Organization Controls (SOC) numbered 1, 2, and 3 apply to service organizations, particularly those that store, process, or come into contact with consumer data.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Managed cloud security
SOC 2

Your Guide to SOC 2 Cloud Security

by RSI Security
written by RSI Security

One of COVID-19’s direct impacts on businesses has been the acceleration toward cloud solutions. Cloud computing and data storage have skyrocketed — in fact, cloud spending increased 37% during the first months of the pandemic. In turn, this means more companies now need to focus on their cloud security practices, especially concerning regulatory compliance requirements. For example, service organizations need to comply with the American Institute of CPAs (AICPA) SOC guidelines and SOC cloud security requirements.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
What is a SOC 2 Report, and Do You Need One?
SOC 2

What is a SOC 2 Report, and Do You Need One?

by RSI Security
written by RSI Security

The American Institute of CPAs (AICPA) has determined a set of requirements your company may need to follow if it is a “service organization” that stores sensitive user data on the cloud. These requirements are known as Security Organization Controls (SOC), and audits to ensure they’re in place are referred to as SOC reporting.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Regulatory Comparison: CMMC vs. FedRAMP
CMMC

Regulatory Comparison: CMMC vs. FedRAMP

by RSI Security
written by RSI Security

If your company seeks lucrative contracts with the US Department of Defense (DoD) or other governmental agencies, you’ll need to keep your cybersecurity up to date. In practice, that means complying with several cyberdefense frameworks, many of which overlap in critical ways. Read on to learn all about CMMC vs. FedRAMP regulatory compliance.

Continue Reading
0 comment
0 FacebookTwitterGoogle +LinkedinEmail
Load More Posts

This website uses cookies to improve your experience. If you have any questions about our policy, we invite you to read more. Accept Read More