COMPLIANCE Flashcards
PCI-DSS
If card data is stored, these rules must be followed.
FISMA
Applies to all government agencies and the corporations working for them. Aims to limit the risks to critical data.
SOX (Sarbanes-Oxley)
All public corporations are accountable for audited financial reports.
HIPAA
Health Insurance Portability and Accountability Act:
Health-care corporations that share, transfer or handle health data are subject to HIPAA.
GLBA
Gramm-Leach-Bliley Act: each financial institution should have policies and processes covering non-public data and how to protect it.
ISO 27001 (ISMS)
Auditable international standard for the security of IT systems (Information Security Management System, ISMS).
NIST-800-42
Testing methodology for security.
Common Criteria
International set of specifications and guidelines for evaluating IS.
NIST-800-53
Security controls for US federal agencies.