The CIS AWS Foundations Benchmark provides a high-level compliance standard for securing Amazon Web Services resources. The benchmark offers prescriptive instructions for configuring AWS services in accordance with industry best practices
System and Organization Controls (SOC) 2 is an auditing procedure that ensures a company's data is securely managed
It's intended for use by service organizations (organizations that provide information systems as a service to other organizations) to issue validated reports of internal controls over those information systems to the users of those services. The reports focus on controls grouped into five categories known as Trust Service Principles
NIST SP 800-53 provides a list of controls that support the development of secure and resilient federal information systems.
These controls are the operational, technical, and management standards and guidelines used by information systems to maintain confidentiality, integrity, and availability
NIST Cybersecurity Framework is a set of guidelines for mitigating organizational cybersecurity risks, published by the US National Institute of Standards and Technology (NIST) based on existing standards, guidelines, and practices.taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes", in addition to guidance on the protection of privacy and civil liberties in a cybersecurity context. It has been translated into many languages and is used by several governments and a wide range of businesses and organizations
PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process, or transmit cardholder data – with requirements for software developers and manufacturers of applications and devices used in those transactions
FedRAMP (Federal Risk and Authorization Management Program) is the US federal government’s approach to securing the cloud services that its agencies use internally.
A preliminary set of baseline controls is provided through the GC Cloud Guardrails, which help to ensure that cloud-based environments are protected upon receipt of enrolment under the GC Cloud Services Framework Agreement
Canada Protected B Medium Integrity Medium Availability (PBMM)
PBMM controls identify the baseline security controls that must be implemented by CSPs and GC departments and agencies in order to appropriately protect cloud-based GC services and related information having a security category of Protected B, medium integrity, and medium availability (PBMM)
Reserve Bank India (RBI) Cyber Security Framework
A comprehensive cyber security framework by RBI for Urban Cooperative Banks, as a graded approach, based on their digital depth and interconnectedness with the payment systems landscape, digital products offered by them, and assessment of cyber security risk.