Compliance and Governance

Compliance and Governance requirements brought on by laws and regulations can pose challenges for
businesses, particularly as increased accountability and standards are applied. Many businesses are
subject to some type of regulation compliance such as HIPAA, or more commonly, PCI-DSS.

Board of Directors and shareholders are increasing their requirements for oversight, particularly in best
practices and continuous improvements in cyber-security.

HIPAA
CMMC/NIST
PCI-DSS

GDPR?
SOC?
ISO 27001 (or 2 or 5 of w/e)