Verifiable compliance with International Standards, internal policies and accepted best practice. Increasing regulatory enforcement by Central Banks and Industry Regulators is a fact of business life, but achieving compliance within the IT infrastructure can be massively simplified through use of automated compliance solutions.
Assuria compliance assessment solutions allow easy compliance assessment and remediation to rapidly bring systems up to a compliant state and, crucially, use automatic monitoring to maintain that compliance on an ongoing basis.
Assuria helps enforce IT Security Compliance standards
- Payment Card Industry Data Security Standard (PCI DSS). The PCI security standards are technical and operational requirements that were created to help organisations that process card payments prevent credit card fraud, hacking and various other security vulnerabilities and threats.
- ISO27001. International Organisation for Standardisation (ISO) 27000 series Information Security Standards (also known as the 'ISMS Family of Standards' or 'ISO27k' for short).
- Public Services Network Code of Connection (PSN CoCo). The Public Services Network is the successor to the Government Connect Secure Extranet (GCSx) and Government Secure Intranet (GSi). The PSN is a UK government Wide Area Network, whose main purpose is to enable connected organisations, including local authorities and central government, to communicate electronically and securely at low protective marking levels. The customer Code of Connection (CoCo) provides a minimum set of security standards that organisations must adhere to when joining the PSN.
- UK Government Connect Secure Extranet (GCSx) Code of Connection (CoCo). In the UK, local authorities need to sign up to the Code of Connection (CoCo), which defines the minimum standards and processes that an authority must comply with before being able to connect to GCSx.
- CESG Good Practice Guide 13. GPG13 Protective Monitoring Control
- Health Insurance Portability and Accountability Act of 1996 (HIPAA), which is intended to ensure that personal information stored, accessed, or processed adheres to a set of guidelines or “security rules.”
- The Sarbanes-Oxley Act (SOX). SOX created new corporate governance rules, regulations, and standards for SEC registrants. The section most relevant to public corporations is Section 404 - internal controls and procedures for financial reporting.
- Japanese Sarbanes-Oxley, or J-SOX, is Japan's Financial Instruments and Exchange Law, enacted in response to corporate scandals. J-SOX imposes internal controls to monitor risks and controls in IT.