ISO 27001
Information Security Management Systems (ISMS)
ISO/IEC 27001 is the world's best-known standard for information security management systems (ISMS). With cyber-crime on the rise and new threats constantly emerging, it can seem difficult or even impossible to manage cyber-risks.
Conformity with ISO/IEC 27001 means that an organization has put in place a system to manage risks related to the security of data owned or handled by the company. It helps organizations become risk-aware and proactively identify and address weaknesses.
ISO 20000
International IT Service Management Standard (ISMS)
ISO/IEC 20000 is the international IT Service Management standard that enables IT organisations (whether in-house, outsourced or external) to ensure that their IT service management processes are aligned both with the needs of the business and with international best practice.
It helps organisations benchmark how they deliver managed services, measure service levels, and assess their performance.
SOC-2
System and Organization Controls
SOC 2 (System and Organization Controls) is an auditing framework developed by the American Institute of Certified Public Accountants (AICPA) that assesses an organization's controls related to security, availability, processing integrity, confidentiality, and privacy. These five areas, known as the Trust Services Criteria, form the principles of SOC 2.
This applies to service organizations that store, process, or transmit sensitive data on behalf of their clients or user entities, such as cloud computing, data storage, SaaS, infrastructure as a service (IaaS), and managed IT services where data security, privacy, and system reliability are critical.
PCI-DSS
Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is administered by the PCI Security Standards Council (PCI SSC) to decrease payment card fraud across the Internet and increase payment card data security. Organisations that accept, store, transmit or process cardholder data must comply with the PCI DSS.
If you are a merchant, a subcontractor or a service provider (including a software developer), the PCI DSS applies to you if you process, transmit or store cardholder data, or if your activities affect the security of cardholder data as it is being processed, transmitted or stored.
CIS
Critical Security Controls
The CIS Critical Security Controls (CIS Controls) are a prescriptive, prioritized, and simplified set of best practices that you can use to strengthen your cybersecurity posture. They consist of Safeguards that each require you to do one thing. This simplified cybersecurity approach is proven to help you defend against today's top threats. By implementing the CIS Controls, you create an on-ramp to comply with PCI DSS, HIPAA, GDPR, and other industry regulations. Today, thousands of cybersecurity practitioners from around the world use the CIS Controls in a meaningful way to align their security efforts with business goals.