Frameworks

ISO/IEC 27001

Cybersecurity

ISO/IEC 27001 is the international standard for Information Security Management Systems (ISMS), providing a framework for organisations to establish, implement, maintain, and continually improve their ISMS. It helps organisations manage and protect their information assets, including physical, digital, and human-related information. ISO/IEC 27001 also helps organisations meet regulatory and legal requirements related to information security.

Cyber Essentials Plus

🇬🇧 UK

Cyber Essentials is a government-backed certification scheme in the UK designed to help organisations demonstrate they have a minimum level of cybersecurity protection against common online threats.

NIST Cybersecurity

Cybersecurity

NIST CSF (Cybersecurity Framework) is a general framework for managing cybersecurity risks, while NIST 800-53 provides a specific set of security controls, primarily for federal agencies and their contractors.

NHS DTAC

Cybersecurity·🇬🇧 UK

The NHS DTAC stands for Digital Technology Assessment Criteria. It's a set of standards and guidelines used by NHS organisations in England to assess whether digital health technologies meet NHS expectations around safety, security, usability, and interoperability before they are adopted or commissioned.

CIS Controls

Cybersecurity

CIS Controls, developed by the CIS Centre for Internet Security, are a set of prioritised, actionable cybersecurity-governance best practices designed to help organisations strengthen their defences against common cyberattacks. They provide a focused and practical approach to improving cyber resilience.

NHS DSPT

Cybersecurity·🇬🇧 UK

The NHS Data Security and Protection Toolkit (DSPT) is a tool used by organisations that access or use NHS patient data to measure their performance against the National Data Guardian's 10 data security standards.