Guarantee legal compliance
Summary
The system must comply with the legal requirements of the jurisdiction to which it is subject.
Description
empty
Supported In
This requirement is verified in the following services:
| Plan | Supported |
|---|---|
| Machine | 🔴 |
| Squad | 🟢 |
References
- GDPR-R45. Fulfillment of legal obligations
- NIST Framework-PR_IP-5. Policy and regulations regarding the physical operating environment for organizational assets are met
- FCRA-605-H_2. Regulations
- GLBA-501_A. Privacy obligation policy
- MISRA-C-1_1. All code shall conform to legal compliance
- NYDFS-500_3. Cybersecurity policy
- PDPA-3_12. Policies and practices
- PDPO-5_19. Compliance with data access request
- PDPO-S1_5. Information to be generally available
- CMMC-AC_L2-3_1_3. Control CUI flow
- HITRUST CSF-01_a. Access control policy
- HITRUST CSF-02_d. Management responsibilities
- HITRUST CSF-04_a. Information security policy document
- HITRUST CSF-06_a. Identification of applicable legislation
- HITRUST CSF-06_b. Intellectual property rights
- HITRUST CSF-06_f. Regulation of cryptographic controls
- HITRUST CSF-06_g. Compliance with security policies and standards
- HITRUST CSF-09_i. System acceptance
- HITRUST CSF-13_g. Purpose legitimacy
- FedRAMP-SA-1. System and services acquisition policy and procedures
- FedRAMP-SC-1. System and communications protection policy and procedures
- ISO/IEC 27002-5_34. Privacy and protection of Personal Identifiable Information (PII)
- LGPD-7_II. Requirements for the Processing of Personal Data
- LGPD-7_VI. Requirements for the Processing of Personal Data
- LGPD-26. Rules
- LGPD-51. Good Practice and Governance
- WASSEC-8_4_1. Compliance report
- OSSTMM3-9_1_1. Wireless security (posture review) - Policy
- PTES-7_2_1. Post exploitation - Rules of engagement (protect the client)
- OWASP Top 10 Privacy Risks-P5. Non-transparent policies, terms and conditions
- MVSP-1_6. Business controls - Compliance
- OWASP MASVS-V1_12. Architecture, design and threat modeling requirements
- NIST 800-115-6_6. Legal considerations
- SIG Lite-SL_23. Is there an information security policy that has been approved by management and an owner to maintain and review the policy?
- SIG Core-B_1. Security policy
- SIG Core-B_1_1. Security policy
- SIG Core-L_1. Compliance
- OWASP ASVS-1_1_1. Secure Software Development Lifecycle
- ISO/IEC 27001-5_34. Privacy and protection of Personal Identifiable Information (PII)
Vulnerabilities