Governance, Risk & Compliance Flashcards

1
Q

Cyber Security & Privacy Policy Architecture

A

CipherTechs’ Policy Services reviews, updates, or creates policies to help organizations either develop, update, or revise a cyber security, IT audit, or privacy policy architecture from scratch, or review existing programs against industry standards such as ISO 27000, NIST, or other industry best practices and regulations. The work covers policies, standards, and guidelines.

2
Q

CYBER SECURITY GAP ANALYSIS

A

Gap Analysis is a technique that a business uses to determine what steps need to be taken to move from its current state to its desired future state.

3
Q

EU GDPR

A

General Data Protection Regulation 2016/679 (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area that places new cybersecurity and privacy requirements on all covered entities.

4
Q

HIPAA

A

CipherTechs auditors can perform gap assessments or audits against the Health Insurance Portability and Accountability Act (HIPAA), the U.

5
Q

INTERNAL IT AUDIT SUPPORT

A

CipherTechs internal IT audit support can assist and augment an internal audit organization by performing hands-on internal support for IT audits and assessments.

6
Q

NERC

A

North American Energy Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) is a set of requirements for the energy sector that apply depending upon an entity's operations: generation, distribution, or transmission.

7
Q

NYS DFS (23 NYCRR §500)

A

New York State’s Department of Financial Services (NYSDFS) Cybersecurity Regulation (23 NYCRR 500) is a new set of regulations that places new cybersecurity requirements on all covered financial institutions.

8
Q

PCI QSA

A

As Qualified Security Assessors (QSA), CipherTechs has been qualified by the Payment Card Industry (PCI) Security Council to independently assess compliance with the PCI Data Security Standard (DSS).
