Resources

Why should we have all the fun? Scroll down to learn more about your industry's information security requirements. All links will redirect you to the source site or document. These documents are the originals and have not been altered by Nuestra Consulting. Check back often, as we update and add to this page when new reports, guides, and regulations are released.

 
 

Government - Defense and non-defense focused regulations

Whether your business is a defense contractor or standard government contractor, the resources below should steer you in the right direction.  

  • International Traffic in Arms Regulations | Most useful for organizations exporting goods/services outside the U.S. | Link

  • Defense Federal Acquisition Regulations Supplement | Applicable to all DoD Contractors/Sub-Contractors | Link

  • Federal Acquisition Regulations | Applicable to all U.S. Government Contractors/Sub-Contractors | Link

  • National Archives and Records Administration | Definitions/Categories of Safeguarded Information | Link

Additional Resources 

  • National Institute of Standards & Technology

    • NIST SP 800-53 | Link

    • NIST 800-171 | Link

    • NIST Cybersecurity Framework | Link

 

Government - Financial regulations

Financial regulations are nearly endless; however, we've put together a short list of publications that provide a decent starting point.

  • Financial Industry Regulatory Authority | Regulations for firms that sell securities in the US

    • Regulation S-P | Policies and Procedures to Protect Customer Information | Link

    • Regulation S-ID | Outlines a Firm's Duties to Protect Customer Information | Link

    • Securities Exchange Act of 1934 | Data Preservation | Link

  • Federal Financial Institutions Examination Council

    • Cybersecurity Assessment Tool 2017 | Link

    • Cybersecurity Assessment Tool User Guide | Link

    • IT Handbook | Link

  • Payment Card Industry Data Security Standard | For any organization processing credit card information

    • Requirements and Security Assessment Procedures | Link

    • PCI-DSS Quick Reference Guide | Link

    • Self-Assessment Questionnaire | Determine Your Organization's Obligations | Link

 

Additional information security regulations

  • General Data Protection Regulation | Designed to Protect All Members of the EU | Link