The Payment Card Industry Data Security Standard, or PCI DSS, is a regulatory standard developed by credit card companies to help protect cardholder data. It was introduced in 2004. If you process, store, or transmit credit card data, PCI DSS applies to you.

We provide assessments against: 1. General Data Protection Regulation (EU GDPR) 2. California Consumer Privacy Act of 2018 (CCPA) 3. Saudi Arabia Personal Data Protection Law (PDPL) 4. UAE Protection of Personal Data (PDPL). We also support many other MEA region frameworks.

The National Institute of Standards and Technology (NIST) Cybersecurity Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks. It provides a common language that allows staff at all levels within an organization—and at all points in a supply chain—to develop a shared understanding of their cybersecurity risks.

The Health Insurance Portability and Accountability Act, or HIPAA, is one of the best known regulatory compliance frameworks among consumers in the United States. Introduced in 1996, it sets various standards and requirements regarding health data, among other things.

The SOC-CMM model was created by evaluating scientific and non-scientific literature to determine characteristics and features of SOCs, such as specific technologies or processes. These characteristics and features were then aggregated into respective domains.

The CIS Controls (formerly known as Critical Security Controls) are a recommended set of comprehensive actions for cyber defense that provide specific and actionable ways to help prevent today’s most pervasive and dangerous attacks. On May 18, 2021, CIS launched version 8 of the controls, released at the global RSA Conference 2021.