RSA Exchange Offering List Looking for a specific RSA Exchange offering? The tables below provide a list of all available RSA Exchange offerings. Please note that videos, implementation guides and implementation packages require lo... 
Baseline Security Recommendations for IoT Authoritative Source Content The Baseline Security Recommendations for Internet of Things (IoT) is a set of recommendations from the European Union Agency for CyberSecurity. It is a reference point and foundation to set the scene for IoT se... 
Brazil LGPD General Law for the Protection of Personal Data Authoritative Source Content Law 13.709/18 of Brazil is the General Law for the Protection of Personal Data, also known as “Lei Geral de Proteção de Dados - LGPD” and is intended to regulate the treatment of personal data ... 
California Consumer Privacy Act Authoritative Source Content The California Consumer Privacy Act was passed in June, 2018 and goes into effect on January 1, 2020. This bill grants consumers the right to request businesses disclose the categories and specific pieces of per... Centers for Medicare and Medicaid Services Authoritative Source Content The Centers for Medicare & Medicaid Services, CMS, is part of the Department of Health and Human Services (HHS). Four sources are available for the Centers of Medicare and Medicaid Services: ... Cyber Essentials PLUS Authoritative Source Content Cyber Essentials is published by the UK National Cyber Security Centre as a simple but effective, government-backed scheme that will help to protect an organization, whatever its size, against a range of the most comm... Federal Financial Institutions Examination Council (FFIEC) Booklets Authoritative Source Content The Federal Financial Institutions Examination Council (FFIEC) is a formal inter-agency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institu... North American Electric Reliability Corporation (NERC) Standards Authoritative Source Content The North American Electric Reliability Corporation is a nonprofit corporation which was formed by the electric utility industry to promote the reliability and adequacy of bulk power transmission in the electric utili... National Institute of Standards and Technology Guidelines Authoritative Source Content The National Institute of Standards and Technology (NIST) is a part of the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, sta... Shared Assessments Standard Information Gathering Template (SIG) Question Library Content The Shared Assessments Program has been setting the standard in third party risk management since 2005, when the Big Four and six global banks collaborated to form Shared Assessments to address the inefficiencies surr... 
Institute of Internal Auditors (IIA) International Standards Authoritative Source Content Institute of Internal Auditors (IIA) International Standards for the Professional Practice of Internal Audit. Standards are principle-focused and provide a framework for performing and promoting internal auditin... RSA Archer Financial Regulatory Assessment Question Content The RSA Archer Financial Regulatory Assessment Question Content is a collection of 1400+ questions provides target assessments for the following financial services regulations including: Financial Privacy (... ISO/IEC 27001 Standard Authoritative Source Content The ISO/IEC 27001 is an information security management system (ISMS) standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (I... B.I.S. Basel II Authoritative Source Content The Bank for International Settlements (BIS) was established in 1930 and is owned by 60 central banks, representing countries from around the world. The BIS mission is to serve central banks in their pursuit of moneta... E.U. Markets in Financial Instruments Directive (MIFID 2: Directive 2014/65/EU) Authoritative Source Content The MIFID 2 - Directive 2014/65/EU (Markets in Financial Instruments Directive) is a legislative Framework instituted by the European Union to regulate financial markets and improve protections for investors. L... ISACA COBIT Authoritative Source Content COBIT is the only business framework for the governance and management of enterprise IT. It is the product of a global task force and development team from ISACA, a nonprofit, independent association of more than 140,... Payment Card Industry Data Security Standard (PCI DSS) Authoritative Source Content The Payment Card Industry Data Security Standard is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical p... RSA Archer Question Library Content The RSA Archer Question Library is a central repository for assessment-based content that might be used to drive questionnaire generation or facilitate compliance assessments. Out-of-the-box the RSA Arch... Institute of Internal Auditors (IIA) Audit Control Assessment Questionnaire Content This questionnaire content provides 3 questionnaires from the Institute of Internal Auditors (IIA): IIA Project Quality Assurance Question Bank: The IIA Project Quality Assurance (QA) Question bank... RSA Archer Control Assessment Questionnaire Content The RSA Archer Control Assessment questionnaire content includes over 2,200 questions that were authored based on the RSA Archer Archer Control Standards. Each question is mapped to it's related RS...