Risk Management Frameworks

FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) provides a standardized approach to security authorizations for Cloud Service Offerings.

FISMA

The Federal Information Security Modernization Act, or FISMA, governs how the Department of Homeland Security (DHS) administers information security policies for US Government Executive Branch agencies.

NIST 800-171

NIST 800-171 is another SP (Special Publication) developed by the National Institute of Standards and Technology (NIST) to standardize how federal agencies define Controlled Unclassified Information (CUI) and the IT security standards for those that have access to it. Unlike NIST 800-53, SP 800-171 is a set of requirements intended for federal contractors.

NIST 800-53

NIST 800-53 was created by the National Institute of Standards and Technology (NIST) and outlines guidelines for privacy and cybersecurity for federal IT. Although it was created for federal information systems, this Risk Management Framework provides core guidance to other compliance frameworks.

CMMC

The Cybersecurity Maturity Model Certification (CMMC) is a regulatory framework for DoD contractors. The CMMC program evolved as a more robust response to the ineffective cybersecurity measures set out in the Defense Federal Acquisition Regulation Supplement (DFARS).

GLBA

The Gramm-Leach-Bliley Act (GLBA) requires financial institutions, and organizations that offer financial services, to take appropriate measures to safeguard customer data.

GDPR

The General Data Protection Regulation (GDPR) provides a security framework around how personal data is collected, stored, handled, and processed. While GDPR originated in the EU, it applies to any enterprise that comes into contact with the personal data of any EU citizen or resident.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a compliance framework created to protect the financial information of cardholders and prevent unauthorized usage.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was created to protect the confidentiality and privacy of all forms of health information. Organizations that handle, process, transfer, receive, or store any patient's health information must adhere to HIPAA compliance requirements.