Compliance

Compliance Frameworks

Compliance frameworks are standards or legal requirements developed by industry organizations or authorities. They allow for self-assessment and also serve as a way to communicate to others how you operate.

Standards that CyberVade has developed expertise in include the following:

- SOC2 (Type I and Type II)
- GDPR (EU and other variants)
- NIST CSF / NIST 800-171
- PCI-DSS (SAQ A, SAQ A-EP, SAQ B-IP, SAQ C and SAQ C-VT)
- HIPAA (Health Insurance Portability and Accountability Act 1996)
- Cyber Essentials
- CIS Controls v8 (IG1, IG2, IG3)
- Cyber Insurance Readiness


Compliance Framework Introduction

Organizations that have decided to adopt a certain framework, on their own initiative or as a compliance requirement, find that implementing the requirement is best done under the guidance of a service provider that has relevant experience and tools.

CyberVade is at your service to assist in quickly setting a procedural and technical baseline, which serves as the basis for building all the remaining required policies and procedures. In that process CyberVade provides template policies and procedures as well as controls. We also advise on evidence collection and documentation and offer tools to effectively manage the documentary evidence.

Compliance Readiness

Organizations that have already adopted a compliance framework on their own benefit from assessing their readiness for an audit before the audit takes place. CyberVade can give such organizations a quick overview of their readiness to undergo an audit.


Compliance Monitoring

Complying with a certain standard is not a snapshot activity; it is an ongoing activity that requires discipline from multiple people and departments, and the requirements change from time to time. CyberVade helps clients keep their compliant status current by performing periodic compliance reviews with them and assists in remediating any findings that deviate from the standard.

Certification Audits

CyberVade works with partners that conduct certification audits on many of the compliance frameworks listed above. Because CyberVade has aligned its work procedures with assisting clients to comply with standards, these audits, although entirely independent, can be expected to be conducted efficiently.
