Frameworks, standards and legislation
GDPR
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
ISO/IEC 27002
ISO/IEC 27002 provides best practice recommendations on information security controls for use by those responsible for initiating, implementing or maintaining information security management systems (ISMS).
ISAE 3000
An independent auditor's ISAE 3000 (GDPR) statement gives assurance about the description of data protection controls and the processing of personal data.
ISO 31000
Risk Management – Guidelines, principles, framework and processes for managing risk. It can be used by any organization regardless of its size, activity or sector.
ISO 50001
ISO 50001 supports organizations in all sectors to use energy more efficiently, through the development of an energy management system (EnMS).
ISO 13485
Medical Devices - Quality Management System - Requirements for a comprehensive quality management system for the design and manufacturing of medical devices.
ISO 22000
ISO 22000 sets out the requirements for a food safety management system and maps out what the organization needs to do to demonstrate its ability to control food safety hazards. It can be used by any organization regardless of its size or position in the food chain.
ISO 26000
ISO 26000 provides guidance on how businesses and organizations can operate in a socially responsible way. This means acting in an ethical and transparent way that contributes to the health and welfare of society.
Money Laundering Directive
Fighting money laundering and terrorist financing contributes to global security, integrity of the financial system and sustainable growth. Laws to combat money laundering and the financing of terrorism are designed to prevent the financial markets from being misused for these purposes.
Good Manufacturing Practice
Good Manufacturing Practice is the Quality Assurance that ensures products are consistently produced and controlled to the quality standards appropriate for their intended use and conform to the regulatory requirements stipulated by authorities.
NIST 800-53
NIST 800-53 provides a catalog of security and privacy controls for federal information systems and organizations and a process for selecting controls to protect organizational operations, assets, individuals and other organizations from a diverse set of threats.
ISO 14001
ISO 14001 specifies requirements for an effective environmental management system (EMS). It provides a framework that an organization can follow, rather than establishing environmental performance requirements.
ISAE 3402
ISAE 3402 (IT Security) documents proper IT relationships at the company and serves as proof that you comply with legal requirements and good IT practice.
MIFID II
MIFID II is designed to offer greater protection for investors and inject more transparency into all asset classes: from equities to fixed income, exchange traded funds and foreign exchange.
ISO 37001
ISO 37001 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. 
ISO 45001
ISO 45001 specifies requirements for an occupational health and safety (OH&S) management system, with guidance for its use, to enable an organisation to proactively improve its OH&S performance in preventing injury and ill-health.
ISO 22301
ISO 22301 specifies the requirements for a Business Continuity Management System to protect against, reduce the likelihood of and ensure your business recovers from disruptive incidents.
ISO 9001
ISO 9001 specifies requirements for a quality management system (QMS). Organizations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements.
ISO 29100
ISO 29100 provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology.
ISO 29134
ISO 29134 gives guidelines for a process on privacy impact assessments and a structure and content of a PIA report. It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
California Consumer Privacy Act
On June 28, 2018, the California legislature passed AB 375, the California Consumer Privacy Act of 2018, effective January 1, 2020. If the law is not amended before it becomes effective, the California Consumer Privacy Act (AB 375) gives California residents an array of new rights, starting with the right to be informed about what kinds of personal data companies have collected and why it was collected.