SMALL AND MIDSIZED BUSINESSES SECURITY FRAMEWORKS

Service Organization Control 2 (SOC2)

An auditing procedure developed by the American Institute of Certified Public Accountants (AICPA) that ensures service providers are securely managing data to protect the interests and privacy of their clients. The SOC 2 Type I report focuses on the design of the service organization's controls at a specific point in time, while the SOC 2 Type II report includes details on the operational effectiveness of the organization's controls over a defined period (typically six months to one year).

https://us.aicpa.org/interestareas/frc/assuranceadvisoryservices/aicpasoc2report

Payment Card Industry Data Security Standard (PCI-DSS)

A set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.

https://www.pcisecuritystandards.org/document_library/

NIST Cybersecurity Framework

The NIST Cybersecurity Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure through effective information security management.

https://www.nist.gov/cyberframework

FSSCC Automated Cybersecurity Assessment Tool

FS-ISAC collaborated with members of the Financial Services Sector Coordinating Council (FSSCC) on an automated tool to assist financial institutions of all sizes to collect and score their responses to the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool.

https://fsscc.org/wp-content/uploads/2021/02/FSSCC_ACAT_v2_1.xlsx

ISO 27001 Information Security Framework

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS), a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process, and can help small, medium and large businesses in any sector keep information assets secure.

https://www.iso.org/isoiec-27001-information-security.html

Provided by Greg Schaffer Consulting, LLC

Copyright © 2025 Greg Schaffer Consulting, LLC. Veteran Owned. All Rights Reserved.

231 Public Square Suite 300

Franklin, Tennessee 37064

(833) VCISOSV (833-824-7678)
