Compliance

Whilst organisations have significant reasons to protect their own data and that of their customers, members or other users, they generally need to comply with some regulation or standard in order to do so. These include:

  • ISO 27000 series of Information Security Standards

  • Payment Card Industry Data Security Standard (PCI DSS)

  • COBIT (Control Objectives for Information and Related Technology), a framework created by ISACA (Information Systems Audit and Control Association)

  • ITIL (formerly Information Technology Infrastructure Library), now often known as ITSM (IT service management)

  • Data Protection Regulations (EU and State in the US)

Organisations also need to comply with broader regulations that have a significant component or specific requirement related to Information Security, such as SOX (Sarbanes-Oxley Act), HIPAA (Health Insurance Portability and Accountability Act) and FISMA (Federal Information Security Management Act).

VigiTrust’s compliance platforms and services integrate policy and procedure dissemination, eLearning, assessment, testing and reporting.