We can custom-write this cybersecurity documentation, edit your pre-existing documentation, or we can work with ComplianceForge to leverage their award-winning documentation as a base to work from. Our experience covers these frameworks and common obligations from application statutory / regulatory / contractual sources:

​

• Industry Frameworks 

  • AICPA GAPP

  • AICPA SOC 2 (2016)         

  • AICPA SOC 2 (2017)

  • CIS CSC v6.1

  • COBIT v5

  • CSA CCM v3.0.1

  • ENISA v2.0

  • ISO 27002 v2013

  • ISO 27018 v2014

  • NIST 800-53 rev 4

  • NIST 800-53 rev 5 [draft]

  • NIST 800-171 rev 1

  • NIST Cybersecurity Framework rev 1

  • PCI DSS v3.2        

  • UL 2900-1

• US Federal Data Security Laws

  • COPPA

  • DFARS 252.204-70xx

  • FACTA

  • FAR 52.204-21

  • FDA 21 CFR 11

  • FedRAMP [moderate]

  • FINRA

  • GLBA

  • HIPAA

  • NERC CIP

  • NISPOM

  • SOX

• US State Data Security Laws 

  • CA SB 1386

  • MA 201 CMR 17.00

  • NY DFS 23 NYCRR500

  • OR 646A

• Europe, Middle East & Africa (EMEA) - Data Protection Acts 

  • ePrivacy [draft]

  • GDPR

  • Austria

  • Belgium

  • Czech Republic

  • Denmark

  • Finland

  • France

  • Germany

  • Greece

  • Hungary

  • Ireland

  • Israel

  • Italy

  • Luxembourg

  • Netherlands

  • Norway

  • Poland

  • Portugal

  • Russia

  • Slovak Republic

  • South Africa

  • Spain

  • Sweden

  • Switzerland

  • Turkey

  • UAE

  • UK          

• Asia Pacific (APAC) - Data Protection Acts 

  • Australia

  • China DNSIP

  • Hong Kong

  • India ITR

  • Indonesia

  • Japan

  • Malaysia

  • New Zealand

  • New Zealand NZISM

  • Philippines

  • Singapore

  • Singapore MAS TRM

  • South Korea

  • Taiwan  

• Americas - Data Protection Acts 

  • Argentina

  • Bahamas

  • Canada

  • Chile

  • Columbia

  • Costa Rica

  • Mexico

  • Peru
     

Contact us so that we can understand your needs and come up with a plan to help you!

​