Frameworks & Standards
Explore the compliance frameworks and security standards we implement. From ISO certifications to regulatory compliance, Srida IT provides end-to-end consulting for every framework your organization needs.
ISO Management Standards
International standards for information security, privacy, business continuity, and IT service management.
ISO 27001
ISO/IEC 27001 — Information Security Management System (ISMS)
The global gold standard for information security management
ISO 27701
ISO/IEC 27701 — Privacy Information Management System (PIMS)
Extension to ISO 27001 for privacy information management
ISO 27017
ISO/IEC 27017 — Cloud Security Controls
Security controls for cloud service providers and customers
ISO 27018
ISO/IEC 27018 — Protection of PII in Public Clouds
Privacy controls for cloud service providers handling personal data
ISO 22301
ISO 22301 — Business Continuity Management System (BCMS)
Ensuring organizational resilience through business continuity planning
ISO 20000
ISO/IEC 20000 — IT Service Management System (SMS)
The international standard for IT service management excellence
ISO 31000
ISO 31000 — Risk Management Guidelines
International guidelines for enterprise risk management
Privacy Regulations
Global data protection and privacy regulations governing personal data processing.
GDPR
General Data Protection Regulation (EU)
The European Union's comprehensive data protection regulation
DPDPA
Digital Personal Data Protection Act (India)
India's comprehensive digital personal data protection legislation
CCPA
California Consumer Privacy Act (CCPA/CPRA)
California's landmark consumer privacy legislation
HIPAA
Health Insurance Portability and Accountability Act
US federal standard for protecting health information privacy and security
Security Standards
Technical security standards for payment card data, federal systems, and vulnerability testing.
PCI DSS
Payment Card Industry Data Security Standard
The global security standard for protecting cardholder data
PCI CP
PCI Card Production and Provisioning Security
Security standards for card manufacturing and personalization
FedRAMP
Federal Risk and Authorization Management Program
US government security authorization for cloud service providers
CMMC
Cybersecurity Maturity Model Certification
US Department of Defense cybersecurity requirements for contractors
VAPT
Vulnerability Assessment and Penetration Testing
Proactive security testing to identify and remediate vulnerabilities
Audit & Attestation
Independent audit frameworks for financial reporting, trust services, and IT controls.
SOC 1
SOC 1 — System and Organization Controls for Financial Reporting
Controls assurance for services impacting financial reporting
SOC 2
SOC 2 — Trust Services Criteria for Security, Availability & Privacy
The industry standard for demonstrating operational security and trust
SOX
Sarbanes-Oxley Act — IT General Controls
IT controls compliance for publicly traded companies
Governance Frameworks
Enterprise governance frameworks for cybersecurity risk management and IT governance.
NIST CSF
NIST Cybersecurity Framework
The leading cybersecurity risk management framework
COBIT
COBIT — Control Objectives for Information and Related Technologies
The enterprise IT governance and management framework
GSMA SAS
GSMA Security Accreditation Scheme
Security accreditation for SIM and eSIM production facilities
Not Sure Which Framework You Need?
Our GRC experts will assess your business requirements and recommend the right frameworks for your organization.