Dynamic Compliance Matrix

Managing compliance in today's environment requires developing associations among the numerous regulations, standards, and frameworks. These associations are always in flux, as new regulations are added, older regulations are changed, and standards and frameworks are updated. The burden of developing and maintaining these associations can be enormous for individual organizations. Avior's BenchMark Dynamic Compliance Matrix (DCM) greatly eases the burden by delivering this information as a dynamically updated service offering using our patent-pending technology. Our customers can add their own policies or contracts and treat them as they would any other regulation or mandate. Here is a list of the regulations, frameworks, and standards that we support.

Regulations

  • Gramm-Leach-Bliley Act (GLBA)
  • GLBA Title 15 Subchapter 1 Sections 6801-6809 - Disclosure of Nonpublic Personal Information
  • GLBA Title V Privacy of Consumer Financial Information
  • GLBA -Financial Modernization Act of 1999
  • GLBA Financial Privacy Rule (§ 6801-6809)
  • GLBA Safeguards Rule (§6801-6809)
  • GLBA Pretexting (§6821-6827)
  • GLBA Section 501(b) Safeguards
  • Sarbanes-Oxley Act (SOX)
  • SOX Title III Section 302: Corporate Responsibility for Financial Reports
  • SOX Title IV Section 401: Enhanced Financial Disclosures – Disclosures in Periodic Reports
  • SOX Title IV Section 404: Enhanced Financial Disclosures – Management Assessment of Internal Controls
  • SOX Title IV Section 409: Enhanced Financial Disclosures – Real Time Issue Disclosure
  • SOX Title VIII Section 802: Corporate & Criminal Fraud Accountability – Criminal Penalties for Altering Documents
  • PCAOB (Public Company Accounting Oversight Board) Standards & Related Rules
  • PCAOB Auditing Standard No. 5
  • BASEL III Accord
  • The Privacy Act – Code of Fair Information Practice
  • Computer Matching & Privacy Protection Act
  • E-Government Act Section 208 Privacy Provisions
  • Title III of the E-Government Act – Information Security
  • Federal Information Management Act
  • 21 CFR Part 11: Electronic Records, Electronic Signatures
  • HIPAA - Health Insurance Portability and Accountability Act
  • HIPAA Subchapter C – Administrative Data Standards & Related Requirements
  • HIPAA Subchapter C, Part 164 Security & Privacy subpart C – Security Standards for Protection of Electronic Protected Health Information
  • HIPAA Subchapter C, Part 164 Security & Privacy subpart D – Notification in the case of Breach of Unsecured Protected Health Information
  • HIPAA Subchapter C, Part 164 Security & Privacy subpart E – Privacy of Individually Identifiable Health Information
  • HITECH (Health Information Technology for Economic & Clinical Health Act)
  • Fair Credit Reporting Act (FCRA)
  • Federal Trade Commission Act
  • Fair and Accurate Transactions Act (FACT Act)
  • FTC FACT Act - Red Flag Rules
  • EU Data Protection Directive
  • EU Data Directive 95/46/EC
  • US-EU Safe Harbor Privacy Principles
  • Australian Privacy Act
  • Australian Privacy Act – National Privacy Principles
  • Japan Personal Information Protection Act
  • Massachusetts Data Privacy Law
  • 201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth
  • Personal Information Protection and Electronic Documents Act
  • California SB1386 & AB 1298
  • The Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Bank Secrecy Act (BSA)
  • Bank Secrecy Act Anti-Money Laundering (BSA/AML)
  • NERC (North American Electric Reliability Corporation) CIP (Critical Infrastructure Protection) CIP-002 through CIP-009
  • 12 CFR Part 30: Safety & Soundness Standards
  • SEC Reg. S-P Non Public Personal Information (NPI)
  • FERPA – Family Educational Rights & Privacy

Standards

  • ISO/IEC 27001:2005 – Information technology – Security techniques – Information security management systems – Requirements
  • ISO/IEC 27002:2005 – Information technology – Security techniques – Code of practice for information security management
  • ISO/IEC 27799:2008 – Health informatics – Information security management in health using ISO/IEC 27002
  • ISO/IEC 27005:2008 – Information technology – Security techniques – Information security risk management
  • ISO/DIS 31000 - Risk Management – Principles and guidelines
  • National Institute of Standards and Technology (NIST) – Special Publications (SP)
  • NIST SP 800-53 r3 Guide for Assessing the Security Controls in Federal Information Systems
  • NIST SP 800-66 An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
  • NIST 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)
  • NIST 800-39 Managing Risk from Information Systems
  • NIST 800-100 Information Security Handbook – A Guide for Managers
  • NIST 800-53 Appendix J – Privacy Control Catalog
  • Payment Card Industry Data Security Standard (PCI DSS) v2.0
  • National Standard of Canada Entitled Model Code for the Protection of Personal Information
  • Canadian Government Operation Security Standard: Management of Information Technology Security
  • Information Security Forum (ISF) Standard of Good Practice: 2011
  • SSAE No. 16 (Standards for Attestation Engagements) (complies with ISAE 3402)

Frameworks

  • COSO ERM Integrated Framework
  • ITIL Services Management Framework
  • ISTPA Privacy Framework
  • ISTPA Privacy Management Reference Model V2
  • APEC Privacy Framework

Guidance

  • Federal Financial Institutions Examination Council (FFIEC)
  • FFIEC Remote Deposit Capture Guidance
  • FFIEC IT Examination Booklet Information Security
  • FFIEC Outsourcing Technology Services Booklet
  • FFIEC Business Continuity Planning (BCP) IT Handbook 2008
  • FFIEC BSA/AML Examination Manual
  • UN Guidelines Concerning Personalized Computer Files
  • Generally Accepted Privacy Principles (GAPP 2009)
  • Privacy Impact Assessment Guide
  • OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data