Compliance Standards Archives | Page 6 of 82

ISO 42001

ISO/IEC 42001 Webinar Recap: How to Implement Your AI Management System (AIMS)

by RSI Security November 28, 2025November 27, 2025

Over the past three weeks, our ISO/IEC 42001 webinar series has laid the groundwork for responsible and scalable AI management system. We explored what ISO 42001 entails, how it aligns with the NIST AI Risk Management Framework, and its integration with existing programs like ISO 27001 and GDPR.

In this final session, we shifted from understanding why AI governance is essential to actionable implementation. Below is a detailed recap of our discussion, designed to guide teams in transforming awareness into practice and starting to build a functional, auditable AI management system (AIMS).

November 28, 2025November 27, 2025 0 comment

NIST AI RMF

How San José Is Using the NIST AI RMF to Build Trustworthy AI

by RSI Security November 24, 2025November 27, 2025

written by RSI Security

As artificial intelligence (AI) becomes increasingly embedded in government operations, cities across the U.S. face a critical challenge: ensuring these systems remain fair, safe, transparent, and trustworthy. The City of San José, California, one of the country’s leading technology hubs, has emerged as an early model for responsible public-sector AI. San José is one of the first municipalities to formally evaluate its AI programs using the NIST AI Risk Management Framework (AI RMF). Through a collaboration with the National Institute of Standards and Technology, the city applied the AI RMF to assess its AI governance maturity, identify risks, and strengthen safeguards across all AI-related activities.

This NIST AI RMF case study reveals not only what San José is doing well, but also where public-sector organizations must continue improving to deploy trustworthy, risk-aware AI systems.

November 24, 2025November 27, 2025 0 comment

SOC 2

Who Needs SOC 2 Compliance?

by RSI Security November 19, 2025November 19, 2025

written by RSI Security

If you’re unsure whether SOC 2 compliance is necessary for your organization, ask yourself the following:

Industry requirements: Which industries and niches specifically require SOC 2 compliance?
Report types: Which type of SOC 2 report, Type I or Type II, best fits your needs?
SOC framework differences: How does SOC 2 differ from SOC 1 and SOC 3?

Other Compliance frameworks: Are there other SOC or security frameworks that might apply to your organization?

November 19, 2025November 19, 2025 0 comment

NIST AI RMF

Generative Artificial Intelligence Risk & NIST AI RMF

by RSI Security November 17, 2025November 18, 2025

written by RSI Security

Generative Artificial Intelligence offers organizations across industries significant productivity and efficiency gains, but it also introduces new risks. The NIST AI RMF (AI Risk Management Framework) provides a structured approach to identify, assess, and mitigate these risks while maximizing the benefits of generative AI.
Is your organization prepared for secure and compliant AI adoption? Schedule a consultation today to ensure your AI initiatives are safe, responsible, and aligned with industry standards.

November 17, 2025November 18, 2025 0 comment

NIST AI RMF

Roadmap to Achieving NIST AI RMF

by RSI Security November 14, 2025December 2, 2025

written by RSI Security

Organizations embracing artificial intelligence (AI) to streamline operations must also prepare for the unique risks it. The NIST AI Risk Management Framework (AI RMF) provides a structured, trustworthy approach to identifying, evaluating, and mitigating these risks across the AI lifecycle. Implementing this framework helps internal teams establish clear governance and gives external stakeholders confidence in your organization’s responsible AI practices.

Is your organization ready to align with the NIST AI Risk Management Framework? Schedule a consultation to get started.

November 14, 2025December 2, 2025 0 comment

SOC 2

10 Common Questions About SOC 2 Compliance

by RSI Security November 13, 2025November 20, 2025

written by RSI Security

SOC 2 Compliance is a critical standard for service-oriented businesses aiming to protect client data and build trust. Developed by the American Institute of CPAs (AICPA), SOC 2 provides a framework for managing and securing sensitive information. While achieving SOC 2 compliance can seem complex, understanding its requirements is essential for safeguarding data, meeting client expectations, and demonstrating a strong commitment to cybersecurity.

November 13, 2025November 20, 2025 0 comment

CMMC

CMMC Implementation Timeline, Why You Must Act Now

by RSI Security November 12, 2025January 5, 2026

written by RSI Security

The CMMC implementation timeline is no longer a distant concern for DoD contractors, it’s an urgent priority. The Department of Defense (DoD) is enforcing cybersecurity requirements through the Cybersecurity Maturity Model Certification (CMMC) 2.0 framework, with all new contracts requiring compliance by 2026. At the same time, the Defense Federal Acquisition Regulation Supplement (DFARS) requires organizations to implement NIST SP 800-171 controls as the baseline for security.

Delaying CMMC implementation now puts contractors at risk of disqualification from future defense contracts, a risk that will only grow as competition intensifies.

November 12, 2025January 5, 2026 0 comment

ISO 42001

The Perfect Partnership: ISO 42001 and NIST AI RMF

by RSI Security November 12, 2025November 12, 2025

written by RSI Security

From predictive algorithms driving healthcare innovation to generative AI transforming legal and financial services, artificial intelligence is evolving, and scaling, at unprecedented speed. Yet as adoption grows, many organizations struggle to align with consistent governance frameworks and risk management practices. Implementing an AI Management System (AIMS) built on ISO 42001 standards, alongside the NIST AI Risk Management Framework (AI RMF), provides a structured, accountable foundation for responsible AI operations. Together, these frameworks help organizations balance innovation with compliance, transparency, and trust in a rapidly advancing digital ecosystem.

November 12, 2025November 12, 2025 0 comment

SOC 2

Who Needs to be SOC 2 Compliant?

by RSI Security November 11, 2025November 20, 2025

written by RSI Security

Depending on your business and the type of data you handle, you may need to be SOC 2 compliant to meet the security standards set by the American Institute of CPAs (AICPA). SOC reports, SOC 1, SOC 2, and SOC 3, apply mainly to service organizations that store, process, or manage customer data.

So, who exactly needs to be SOC 2 compliant, and what does SOC 2 cover? Keep reading to find out everything you need to know about SOC 2 compliance and how it protects sensitive data

November 11, 2025November 20, 2025 0 comment

CMMC

What Are the Different Levels of Cybersecurity Maturity Model Certification?

by RSI Security November 11, 2025January 8, 2026

written by RSI Security

In 2020, Department of Defense (DoD) contractors were required to implement robust cybersecurity protocols in response to increasing security breaches. One of the most significant incidents occurred on October 4, 2018, affecting over 30,000 civilian and military contractors. To prevent future breaches, companies that handle Controlled Unclassified Information (CUI) must demonstrate that their networks and systems meet stringent security standards. Achieving this requires compliance with the applicable Cybersecurity Maturity Model Certification (CMMC) levels for the type of data they manage. Before contractors and their partners can obtain certification, they need a clear understanding of the CMMC framework and its five distinct levels.

November 11, 2025January 8, 2026 0 comment