REGULATIONS COMPLIANCE AUDIT SECURITY

HIPAA Cybersecurity

   HIPAA Security Rule

   HIPAA Privacy Rule

   Risk Analysis and Management 


Administrative Safeguards

       Security Management Process

       Security Personnel

       Information Access Management

       Workforce Training and Management Evaluation

   

HIPAA Physical Security

       Facility Access and Control

       Workstation and Device Security

   

HIPAA Technical Safeguards

       Access Control

       Audit Controls

       Integrity Controls

       Transmission Security

   

HIPAA Organizational Requirements

       Covered Entity Responsibilities

       Business Associate Contracts

   

Policies and Procedures and Documentation Requirements

   HITECH Act of 2009

   WISP (Written Information Security Plan)

NIST Cyber Security

   NIST SP 800-177 Trustworthy Email

   NCCoE DNS-Based Secured Email

   NIST guidance on current DDoS mitigation techniques

   High Assurance Domains

   

IoT Standards

       Cybersecurity Framework

       Privacy Engineering Program

       Cybersecurity Framework Profile for Manufacturing

       National Vulnerability Database

       Security of Interactive and Automated Access Management Using Secure Shell (SSH)

       Security Systems Engineering

       Digital Identity Guidelines

       Security Content Automation Protocol (SCAP) Standards and Guidelines

       Software Assessment Management Standards and Guidelines

       Cyber Threat Information Sharing

NERC (North American Electric Reliability Corporation)

   (EOP) Emergency Preparedness and Operations

   (CIP) Critical Infrastructure Protection

       Cyber Security

       Physical Security

   (PER) Personnel Performance, Training, and Qualifications

   (MOD) Modeling, Data, and Analysis

   (PRC) Protection and Control

Other Capabilities

CISSP


Lean 6σ

   DMAIC


ISO9001

   ISO9001:2015