Zenlayer

Federal Information Security Management Act

FISMA 2014 codifies the Department of Homeland Security's role in administering the implementation of information security policies for federal Executive Branch civilian agencies, overseeing agencies' compliance with those policies, and assisting OMB in developing those policies.

Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

International Standard for Standardization 14001

ISO 14001 is an internationally agreed standard that sets out the requirements for an environmental management system.

International Standard for Standardization 22301

ISO 22301 is the international standard for Business Continuity Management (BCM). It provides a practical framework for setting up and managing an effective business continuity management system.

International Standard for Standardization 23001

It is an international standard published by the International Organization for Standardization (ISO), and it describes how to manage business continuity in an organization.

International Standard for Standardization 27001

ISO/IEC 27001 is the world's best-known standard for information security management systems (ISMS).

International Standard for Standardization 45001

ISO 45001 is an international standard for health and safety at work developed by national and international standards committees independent of government.

International Standard for Standardization 50001

ISO 50001 is based on the management system model of continual improvement also used for other well-known standards such as ISO 9001 or ISO 14001. This makes it easier for organizations to integrate energy management into their overall efforts to improve quality and environmental management.

International Standard for Standardization 9001

ISO 9001 sets out the criteria for a quality management system. This standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement.

International Standard for Standardization 9001:2015

ISO 9001:2015 states the requirements for your Quality Management System (QMS).

International Standard for Standardization IEC 20000

ISO/IEC 20000 is the international ITSM (IT service management) standard. It enables IT departments to ensure that their ITSM processes are aligned with the business's needs and international best practices.

NIST: Security and Privacy Controls for Information Systems and Organizations

A catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks.

NIST: Definition of Cloud Computing

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands.

System and Organization Controls 1

System and Organization Controls 1, or SOC 1, aims to control objectives within a SOC 1 process area and documents internal controls relevant to an audit of a user entity's financial statements.

System and Organization Controls 1 Type 1

Report on the fairness of the presentation of management's description of the service organization's system and the suitability of the design of the controls to achieve the related control objectives included in the description as of a specified date.

System and Organization Controls 1 Type 2

Report on the fairness of the presentation of management's description of the service organization's system and the suitability of the design and operating effectiveness of the controls to achieve the related control objectives included in the description throughout a specified period.

System and Organization Controls 2

SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.

System and Organization Controls 2 Type 1

SOC 2 Type 1 compliance evaluates an organization's cybersecurity controls at a single point in time.

System and Organization Controls 2 Type 2

SOC 2 Type 2 compliance evaluates an organization's cybersecurity controls over a period of time.

Statement on Standards for Attestation Engagements 16 Type 1

The SSAE 16 audit will result in a Service Organization Control (SOC) 1 report.