• American Institute of CPAs (AICPA) Privacy Maturity Model Authoritative Source Content

    The American Institute of CPAs (AICPA) provides the world’s largest member association representing the accounting profession. The organization includes 431,000+ members in 130 countries and territories, re...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • Cybersecurity Maturity Model Certification Framework (CMMC) Authoritative Source Content

    The Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD(A&S)) has developed the Cybersecurity Maturity Model Certification (CMMC) framework in concert with U.S. Department of Defense (Do...
    Gloria Higley
    last modified by Susan Read-Miller
  • European Union (E.U.) Regulatory Technical Standards for Authentication Authoritative Source Content

    The Regulatory Technical Standards on strong customer authentication and secure communication are key to achieving the objective of the revised Payment Services Directive (PSD2) for enhancing consumer protection, prom...
    Gloria Higley
    last modified by Susan Read-Miller
  • HITRUST CSF™ Authoritative Source Content

    The foundation of all HITRUST® programs and services is the HITRUST CSF™, a certifiable framework that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance ...
    Christine Tran
    last modified by Susan Read-Miller
  • RSA Exchange Offering List

      Looking for a specific RSA Exchange offering? The tables below provide a list of all available RSA Exchange offerings. Please note that videos, implementation guides and implementation packages require lo...
    Susan Read-Miller
    last modified by Christine Tran
  • Hong Kong Monetary Authority (HKMA) Authoritative Source Content

    The Hong Kong Monetary Authority (HKMA) is Hong Kong’s central banking institution. Established in 1993, the HKMA maintains currency stability within the framework of the Linked Exchange Rate System, promotes th...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • Industrial Internet Consortium (IIC) IoT SMM Framework Authoritative Source Content

    The Industrial Internet Consortium is a global not-for-profit partnership of industry, government and academia founded in March 2014. Their mission is to bring together organizations and technologies necessary to acce...
    Gloria Higley
    last modified by Susan Read-Miller
  • Microsoft Software Development Lifecycle Authoritative Source Content

    The Microsoft Security Development Lifecycle (SDL) is an industry-leading software security assurance process. A Microsoft-wide initiative and a mandatory policy since 2004, the SDL has played a critical role in embed...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • RSA Archer Third Party Pandemic Preparedness Assessment Questionnaire Library Content

      The RSA Archer Third Party Pandemic Preparedness Assessment is a questionnaire used with the RSA Archer Third Party Risk Assessment use case to assess a third party’s plan for a pandemic. Customers can a...
    Christine Tran
    last modified by Susan Read-Miller
  • U.K. National Cyber Security Centre (NCSC) Cyber Assessment Framework Authoritative Source Content

    The United Kingdom National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF) provides a systematic and comprehensive approach to assessing the extent to which cyber risks to essential functions are being ...
    Gloria Higley
    last modified by Susan Read-Miller
  • U.K. Network and Information Systems Regulations Authoritative Source Content

    The U.K. Security of Network & Information Systems Regulations (NIS Regulations) provide legal measures aimed at boosting the overall level of security (both cyber and physical resilience) of network and informati...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • U.S. HHS/CDC Business Pandemic Influenza Planning Checklist Questionnaire Library Content

    The U.S. Department of Health and Human Services (HHS) and the Centers for Disease Control and Prevention (CDC) have partnered up to develop checklists to help organizations in the event of pandemic influenza....
    Christine Tran
    last modified by Susan Read-Miller
  • U.S. Sarbanes-Oxley Act Authoritative Source Content

    The Sarbanes–Oxley Act of 2002, also known as the 'Public Company Accounting Reform and Investor Protection Act' (in the Senate) and 'Corporate and Auditing Accountability and Responsibility Act' (in the House) ...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • U.S. State Privacy Laws Authoritative Source Content

    This authoritative source comprises state privacy laws for the following U.S. States: Maine - An Act To Protect the Privacy of Online Customer Information Nevada - Chapter 603A Security and Privacy of Personal ...
    Gloria Higley
    last modified by Susan Read-Miller
  • U.S. White House 25 Point Implementation Plan to Reform Federal Information Technology Management Authoritative Source Content

    The U.S. White House 25 Point Implementation Plan to Reform Federal Information Technology Management was released to U.S. federal agencies in an effort to deliver more value to the American taxpayer. The recomme...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • U.S. State Data Security Laws Authoritative Source Content

    RSA Archer provides authoritative source content for U.S. State Data Security Laws.  Two authoritative source content packages are available:   Data Security Laws for Companies and Insurers - ...
    Christine Tran
    last modified by Susan Read-Miller
  • U.S. State Breach Notification Laws Authoritative Source Content

    This authoritative source comprises the breach notification laws for the 50 U.S. States and territories.  Data Breach Laws are available as authoritative source content for the following laws: AK 45.48:  Al...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • U.S. Securities and Exchange Commission (SEC) Authoritative Source Content

    The U.S. Securities and Exchange Commission (SEC) is an independent, federal government agency responsible for protecting investors, maintaining fair and orderly functioning of securities markets, and facilitating cap...
    Christine Tran
    last modified by Susan Read-Miller
  • U.S. O.M.B. A-130 Authoritative Source Content

    Agencies of the Federal Government depend on the secure acquisition, processing, storage, transmission, and disposition of information to carry out their core missions and business functions. Federal agencies must imp...
    Susan Read-Miller
    last modified by Susan Read-Miller
  • U.S. International Traffic in Arms (ITAR) Authoritative Source Content

    Section 38 of the Arms Export Control Act (22 U.S.C. 2778) authorizes the U.S. President to control the export and import of defense articles and defense services. The statutory authority of the President to promulgat...
    Susan Read-Miller
    last modified by Susan Read-Miller