Compliance Standards

---

The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the U.S. Department of Commerce.

Innumerable products and services rely in some way on technology, measurement, and standards provided by the National Institute of Standards and Technology. Click here for NIST Special Publication documentation. Add a description about this item

The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. 

Click here for the official PCI document library.

he Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Click here for FedRAMP related documents.

The ISO/IEC 27000 family of standards helps organizations keep information assets secure - such as financial information, intellectual property, employee details or information entrusted to you by third parties.

ISO/IEC 27001 is the best-known standard in the family providing requirements for an Information Security Management System (ISMS).

The Sarbanes–Oxley Act of 2002, (SOX) protects investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes. Click here for the Sarbanes-Oxley Compliance Checklist.

The regulation will apply to all industries across the European Union. In preparation for the regulation, the Cloud Security Alliance (CSA) has prepared various tools and resources to help both enterprises and cloud service providers comply with the regulation.