Framework Guidance

• Government clouds (GCC High, GovCloud): what changes, common blockers, and what to collect for Support
• FAQs: NYDFS (23 NYCRR 500): scope, Class A, and customer documentation
• FAQs: Privacy regulations: GDPR, CCPA, cookies, and data subject requests
• FAQs: Encryption and key management: data at rest, in transit, and controls
• FAQs: PCI DSS: scope, evidence, and common scenarios
• FAQs: SOC 2: audits, trust services criteria, and common scenarios
• FAQs: FedRAMP, CMMC, and DFARS: readiness, scope, and evidence
• FAQs: ISO 27001: requirements, evidence, and common scenarios
• FAQs: HIPAA: requirements, evidence, and common scenarios
• SOC 2 Trust Service Criteria
• SOC 2 Overview
• SOC 2 Processing Integrity
• SOC 2 Type 2 Audit Review Period Items
• California Consumer Privacy Act (CCPA)
• General Data Protection Regulation (GDPR)
• Understanding the Scope of HIPAA
• HIPAA examination
• HIPAA Training requirements
• Understanding PCI DSS Compliance