Standards
Standards provide consistency in policy,
practices, and technology. An organization that conforms to standards
can enjoy lower cost and higher quality. This holds true in Information and Business
Security. There are many information security standards that VantagePoint
Security™ uses in its assessments and professional services.
We employ standards when it makes business sense to do so. Some
of the standards that we use and/or recommend include:
Security Policy. ISO 17799, GASSP (Generally Accepted System Security Principles), HIPAA, and PCI DSS.
Security Assessments. IAM (InfoSec Assessment Methodology), IA-CMM (InfoSec Assessment Capability Maturity Model).
Systems and Security Engineering. SSE-CMM (System Security Engineering Capability Maturity Model®), SW-CMM (Software Capability Maturity Model).
Professional Security Certifications. CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager).
Corporate Security Accreditation. TRUSTe, BBBOnline, Safe Harbor, SysTrust, WebTrust, SAS-70.
Corporate Governance and Processes. ITIL (IT Infrastructure Library), COBIT (Control Objectives for Information and related Technology).
Technical Standards. SSL (Secure Socket Layer), TLS (Transport Layer Security), IPsec, AES (Advanced Encryption Standard), Ssh (Secure Shell), P3P (Platform for Privacy Preferences).
HIPAA Security Rule Validation Services. Information security regulations required for all organizations that process electronic private health information (EPHI).
Payment Card Industry Data Security Standard (PCI DSS). A set of comprehensive requirements for enhancing payment account data security developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.
Contact us for more information, or call us at 425.454.5455.
Security Policy. ISO 17799, GASSP (Generally Accepted System Security Principles), HIPAA, and PCI DSS.
Security Assessments. IAM (InfoSec Assessment Methodology), IA-CMM (InfoSec Assessment Capability Maturity Model).
Systems and Security Engineering. SSE-CMM (System Security Engineering Capability Maturity Model®), SW-CMM (Software Capability Maturity Model).
Professional Security Certifications. CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager).
Corporate Security Accreditation. TRUSTe, BBBOnline, Safe Harbor, SysTrust, WebTrust, SAS-70.
Corporate Governance and Processes. ITIL (IT Infrastructure Library), COBIT (Control Objectives for Information and related Technology).
Technical Standards. SSL (Secure Socket Layer), TLS (Transport Layer Security), IPsec, AES (Advanced Encryption Standard), Ssh (Secure Shell), P3P (Platform for Privacy Preferences).
HIPAA Security Rule Validation Services. Information security regulations required for all organizations that process electronic private health information (EPHI).
Payment Card Industry Data Security Standard (PCI DSS). A set of comprehensive requirements for enhancing payment account data security developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis.
Contact us for more information, or call us at 425.454.5455.