Standard References
Official compliance frameworks and standards observed by the organization. Use these references to understand the specific controls required for each audit.
CyberSecure Canada
StandardCyberSecure Canada Baseline Security Controls. A Government of Canada cybersecurity certification baseline for small and medium-sized organizations.
India's DPDP
RegulationDigital Personal Data Protection Act, 2023. Governs the processing of digital personal data in India.
EU GDPR
RegulationEU General Data Protection Regulation (Regulation (EU) 2016/679). Governs the processing of personal data of individuals in the European Union.
ISO/IEC 27001:2022
standardThe international standard for Information Security Management Systems (ISMS).
ISO/IEC 42001:2023
StandardISO/IEC 42001:2023. International standard for establishing, implementing, maintaining, and improving an Artificial Intelligence Management System (AIMS).
Quebec Law 25
RegulationQuebec Law 25 (Loi 25). Modernizes the protection of personal information in Quebec's private sector.
SOC 2
StandardSOC 2 is a compliance framework developed by the American Institute of Certified Public Accountants (AICPA) that evaluates an organization's information systems and controls relevant to security, availability, processing integrity, confidentiality, and privacy.
