ALIGNMENT IS KEY – ENTERPRISE-CLASS COVERAGE OF LEADING FRAMEWORKS
The DSP is the most comprehensive document we’ve made and it is targeted for enterprise-class organizations that have a need to align to these leading frameworks and requirements:
NIST 800-53 NIST 800-171 NIST Cybersecurity Framework (CSF) National Industrial Security Program Operating Manual (NISPOM) Defense Federal Acquisition Regulation Supplement (DFARS) Federal Acquisition Regulation (FAR) FedRAMP Fair & Accurate Credit Transactions Act (FACTA) Financial Industry Regulatory Authority (FINRA)
ISO 27002 ISO 27018 Generally Accepted Privacy Principles (GAPP) Payment Card Industry Data Security Standard (PCI DSS) Control Objectives for Information and Related Technology (COBIT 5) Health Insurance Portability and Accountability Act (HIPAA) Sarbanes Oxley Act (SOX) Gramm Leach Bliley Act (GLBA) NY DFS 23 NYCCRR 500
American Institute of CPAs (AICPA) Service Organization Control (SOC2) Center for Internet Security Critical Security Controls (CIS CSC) Cloud Security Alliance Cloud Controls Matrix (CSA CCM) European Union Agency for Network and Information Security (ENISA) European Union General Data Protection Regulation (EU GDPR) United Kingdom Data Protection Act (UK DPA) Massachusetts 201 CMR 17.00 Oregon Identity Theft Protection Act (ORS 646A)
[click to see an example from the Excel version of the DSP]
DSP Product Walkthrough Video
If you have a few minutes, please watch the video for information about the DSP, as well as a look at the deliverables.