Compliance Standards Archives | Page 43 of 80

Your CMMC Self-Assessment Checklist

by RSI Security May 20, 2021June 18, 2021

Working as a contractor with the US Department of Defense (DoD) can provide lucrative short- and long-term opportunities for partnering companies. But it also requires strict adherence to multiple cybersecurity frameworks. The most recent of these, which has an ongoing roll-out, is the new Cybersecurity Model Maturity Certification (CMMC) framework. This framework is presided over by the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD-A&S).

May 20, 2021June 18, 2021 0 comment

FINRA / Financial Industry

FINRA Compliance Requirements 101

by RSI Security May 19, 2021June 17, 2021

written by RSI Security

The Financial Industry Regulatory Authority (FINRA) is a non-governmental agency authorized by Congress to help regulate and protect the financial industry. Operating under the auspices of the SEC as a Self-Regulatory Organization (SRO), FINRA ensures that broker-dealers are honest and forthright and that financial data is kept secure.

May 19, 2021June 17, 2021 0 comment

CMMC

The Basics of DoD Information Assurance Awareness Training

by RSI Security May 18, 2021June 17, 2021

written by RSI Security

The US military and its broad network of businesses and individual contractors comprise the most critical infrastructure in the entire country. Any threat to the Department of Defense (DoD) resources and information could jeopardize all Americans’ security, both domestically and abroad.

May 18, 2021June 17, 2021 0 comment

CMMC

What is Controlled Unclassified Information?

by RSI Security May 12, 2021August 17, 2022

written by RSI Security

Companies contracted with the Department of Defense (DoD) come into contact with sensitive information constantly. That’s why they need to comply with cybersecurity frameworks like the Cybersecurity Maturity Model Certification (CMMC) to retain preferred contractor status. One of the primary data types CMMC is designed to protect is the class of information known as “controlled unclassified information” (CUI).

May 12, 2021August 17, 2022 0 comment

NIST 800-171 / DFARS

NIST 800-171 Assessment Methodology Overview

by RSI Security May 11, 2021May 11, 2021

written by RSI Security

The Defense Industrial Base (DIB) sector is a vast business network containing some of the most critical infrastructures in the US. Working in partnership with or for the Department of Defense (DoD) as a contractor can be lucrative, but that comes at the cost of high risks to your own company and the safety of all Americans. That’s why you’ll need to ensure compliance with various DoD cybersecurity frameworks, and the NIST 800-171 assessment methodology is a critical first step in that direction.

May 11, 2021May 11, 2021 0 comment

HITRUST

Beginner’s Guide to HITRUST ISO 27001 Mapping

by RSI Security May 11, 2021June 17, 2021

written by RSI Security

Companies looking to expand their horizons in an increasingly mobile business environment are likely to face shifting, overlapping, and even conflicting compliance needs. The goal of “mapping frameworks” (or optimizing practices to satisfy multiple frameworks’ controls) minimizes inefficiencies while meeting all security requirements.

May 11, 2021June 17, 2021 0 comment

CMMC

Who are the CMMC-AB and What do They Do?

by RSI Security May 10, 2021May 11, 2021

written by RSI Security

The Cybersecurity Maturity Model Certification (CMMC) is a new regulatory framework that will soon be required for all contractors with the US Department of Defense (DoD). These contracts can be lucrative, but they’re hard to lock down without preferred status. For that, your business will need to work on getting certified through a qualified assessor accredited by the CMMC Accreditation Body (CMMC-AB).

May 10, 2021May 11, 2021 0 comment

HITRUST

A Beginner’s Guide for HITRUST to ISO 27001 Mapping

by RSI Security May 5, 2021May 6, 2021

written by RSI Security

May 5, 2021May 6, 2021 0 comment

SOC 2

Your Guide to SOC 2 Cloud Security

by RSI Security April 23, 2021July 9, 2021

written by RSI Security

One of COVID-19’s direct impacts on businesses has been the acceleration toward cloud solutions. Cloud computing and data storage have skyrocketed — in fact, cloud spending increased 37% during the first months of the pandemic. In turn, this means more companies now need to focus on their cloud security practices, especially concerning regulatory compliance requirements. For example, service organizations need to comply with the American Institute of CPAs (AICPA) SOC guidelines and SOC cloud security requirements.

April 23, 2021July 9, 2021 0 comment

SOC 2

What is a SOC 2 Report, and Do You Need One?

by RSI Security April 22, 2021July 9, 2021

written by RSI Security

The American Institute of CPAs (AICPA) has determined a set of requirements your company may need to follow if it is a “service organization” that stores sensitive user data on the cloud. These requirements are known as Security Organization Controls (SOC), and audits to ensure they’re in place are referred to as SOC reporting.

April 22, 2021July 9, 2021 0 comment