Common Cybersecurity Compliance Requirements


In the categories listed below, you will find the most common cybersecurity and privacy compliance requirements that our clients face. Each of these cybersecurity-specific statutory, regulatory and contractual requirements has one or more ComplianceForge product available to help you become and stay compliant with these obligations.

Please keep in mind that very often, companies have to comply with more than just one requirement, so if you have any questions, please contact us for clarification, since we want to ensure you select the right products for your needs. 


ComplianceForge currently offers several products that are designed to assist companies with NIST 800-171, which is required by Defense Federal Acquisition Regulation Supplement (DFARS):

The NCC product is considered a "consultant in a box" product to provide consultant-level guidance on how to comply with NIST 800-171. The WISP and DSP are program-level policies and standards that will provide you with evidence you need to demonstrate compliance.

We also provide a wealth of free NIST 800-171 educational resource materials, because we want to help companies understand their requirements under this regulation.


There are many ways to comply with the cybersecurity requirements of the US government's Federal Acquisition Regulation (FAR). When choosing between ISO and NIST from the viewpoint of complying with FAR, keep in mind that FAR has different requirements from the Defense Federal Acquisition Regulation Supplement (DFARS), and some companies need to comply with both.

  • If you only need to address FAR 52.204-21, it is possible to comply with either ISO 27002 or NIST 800-53.
  • However, if you need to address DFARS 252.204-7012, then ISO 27002 is insufficient and you need to align with NIST 800-53.

ComplianceForge currently offers several products that are designed to assist companies with the European Union General Data Protection Regulation (EU GDPR):

The EU GDPR can be addressed by aligning cybersecurity practices with either ISO 27002 or NIST 800-53. However, those frameworks alone will not sufficiently demonstrate evidence of due care or due diligence with building both cybersecurity and privacy principles "by default" into processes, applications or projects that could impact personal information of EU residents. This is where the Security & Privacy By Design (SPBD) product helps organizations operationalize security and privacy principles.


ComplianceForge currently offers several products that are designed to assist companies with PCI DSS compliance:


ComplianceForge currently offers several products that are designed to assist companies with NY DFS 23 NYCRR 500 compliance:


ComplianceForge currently offers several products that are designed to assist companies with Massachusetts 201 CMR 17.00 compliance:


We also offer bundles that save you up to 50%!
