An auditing procedure developed by the American Institute of Certified Public Accountants (AICPA) that ensures service providers are securely managing data to protect the interests and privacy of their clients. The SOC 2 Type I report focuses on the design of the service organization's controls at a specific point in time while the SOC 2 Type II report includes details on the operational effectiveness of the organization's controls over a defined period (typically, six months to one year).
A set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. https://www.pcisecuritystandards.org/document_library/
The NIST Cybersecurity Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure through effective information security management. https://www.nist.gov/cyberframework
FS-ISAC collaborated with members of the Financial Services Sector Coordinating Council (FSSCC) on an automated tool to assist financial institutions of all sizes to collect and score their responses to the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool.
ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS), a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process, and can help small, medium and large businesses in any sector keep information assets secure.
Sponsored by vCISO Services, LLC - A leading provider of vCISOs
Copyright © 2023 vCISO Services, LLC. Veteran Owned. All Rights Reserved.