FRAMEWORKS
Information Security Frameworks
ISO 27001
ISO 27001 is an international standard for managing information security. It helps organizations protect sensitive data, identify risks, and ensure compliance through an Information Security Management System.
SOC 2 Readiness
SOC 2 is an AICPA-developed framework. It audits service providers' controls across five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy, ensuring data protection.
TISAX ISA
TISAX is an assessment model based on ISO 27001, tailored for the automotive industry. It supports secure data sharing among manufacturers, suppliers, and service providers, ensuring industry-aligned information security.
NIST CSF v2.0
The NIST Cybersecurity Framework provides guidelines for managing and reducing cybersecurity risks. It helps organizations identify, protect, detect, respond to, and recover from cyber threats, enhancing resilience and protecting critical assets.
HIPAA Security Rule
The HIPAA Security Rule sets standards to protect electronic personal health data. It requires safeguards—administrative, physical, and technical—to ensure confidentiality, integrity, and security of health data.
PCI DSS v4.0
PCI DSS v4.0 is a global standard for protecting credit card data. It helps organizations prevent fraud by requiring access controls, encryption, and compliance, ensuring secure cardholder data handling practices.
ISO 31000:2018
ISO 31000 provides guidelines for risk management, helping organizations identify, assess, and treat risks. It integrates risk thinking into processes, improving resilience, efficiency, and informed decision-making.
CIS CSC V8.1
The CIS Controls are prioritized best practices to secure IT systems. Version 8.1 improves clarity and helps organizations assess and enhance their cybersecurity posture through structured guidance and risk management.
ISO 22301:2019
ISO 22301 is the standard for Business Continuity Management. It helps organizations prepare for and recover from disruptions, ensuring critical business operations continue during emergencies and reducing downtime.
AI Frameworks
EU AI ACT
The EU AI Act is a regulatory framework that classifies AI systems by risk level and sets rules to ensure safety, transparency, human oversight, and fundamental rights protection, aiming to foster trustworthy and lawful AI across the EU.
NIST AI RMF 600-1
The NIST AI Risk Management Framework helps assess and manage AI risks. It ensures AI systems are secure, ethical, transparent, and privacy-respecting while minimizing harm and supporting responsible innovation.
ISO 42001:2023
ISO 42001 is an international standard for managing AI responsibly. It helps organizations create an AI Management System (AIMS), address risks, and comply with legal, ethical, and social expectations effectively.
Privacy Frameworks
GDPR
The GDPR regulates how personal data is handled in the EU. It empowers individuals with control over their data and imposes strict responsibilities and penalties on organizations to ensure data protection.
Enveedo PIA
Enveedo PIA identifies privacy risks in data processing. It ensures safeguards are in place, aligns with laws like GDPR, and helps organizations mitigate risks before launching new data-handling activities.
Colombia Data Protection Law
Colombia’s Law 1581 sets privacy principles and rules for data protection. It ensures transparency, data security, and compliance obligations for entities that process personal data within the country.
Mexico Data Protection Law (Public)
This law applies to public entities in Mexico. It protects personal data through principles like transparency and accountability, ensuring individuals can control and access their data held by the government.
NIST Privacy Framework v1.0
The NIST Privacy Framework helps manage privacy risks when building systems and services. It supports compliance and enables responsible data-handling practices by identifying and reducing privacy risks.
Argentina Data Protection Law
Argentina’s Law 25,326 protects personal data and ensures individual privacy rights. It applies to both the public and private sectors and mandates that organizations process personal data under transparency and legal principles.
Mexico Data Protection Law (Private)
Mexico’s LFPDPPP regulates how private entities process personal data. It protects privacy rights and sets rules for lawful processing, ensuring transparency, consent, and appropriate data safeguards.
Chile Cybersecurity Law
Chile’s Cybersecurity Framework Law (21.663) requires public and private infrastructure to implement security measures, report incidents, and coordinate with national authorities to ensure cyber resilience.
ISO 27701:2019 Processors
Annex B of ISO 27701 extends ISO 27001 with privacy controls for processors. It helps organizations demonstrate compliance and accountability when handling data on behalf of controllers under privacy laws.
Chile Data Protection Law
Chile’s new Data Protection Law (21.719) mandates transparency and consent for data use, enforces rights like access, correction, and deletion, and aligns the country with global data standards by December 2026.
Peru Data Protection Law
Peru’s Law 29733 protects personal data by requiring consent, data security, and transparency. It ensures that individuals' privacy rights are respected in all public and private data processing activities.
ISO 27701:2019 Controllers
Annex A of ISO 27701 adds privacy controls for data controllers. It extends ISO 27001 to manage personal data, helping organizations meet requirements like GDPR and support individual rights effectively.
LGPD
The LGPD is Brazil’s comprehensive data law, regulating the collection and use of personal data. It applies to all organizations processing data in Brazil and guarantees rights, informed consent, and strong data protection.
CE 007/2018 Requirements
This circular defines minimum cybersecurity requirements for financial entities in Colombia. It ensures information is protected through mandatory controls and enhances the financial sector’s cyber resilience.