Privacy Orchards
Privacy Orchards
  • Home
  • Advisory
  • Assessments
  • Training
  • Regulatory Updates
  • About Us
  • More
    • Home
    • Advisory
    • Assessments
    • Training
    • Regulatory Updates
    • About Us
  • Home
  • Advisory
  • Assessments
  • Training
  • Regulatory Updates
  • About Us

Looking for an information security or privacy assessment? Take a look at our list below, or reach out directly for a customized assessment.

Assessments

CMMC

CMMC Level 1 - Gap Analysis

Gap Analysis Assessment against NIST SP 800-171 Rev. 2  - 17 practices for CMMC Level 1 Compliance.

NIST 800-171 Rev. 2

  Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST 800-172

  Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST 800-53 Rev. 5

 Security and Privacy Controls for Information Systems and Organizations

NIST Cybersecurity Framework (CSF) 2.0

Cybersecurity - Government

NIST Cybersecurity Framework (CSF) 2.0

NIST 800-171 Rev. 3

  Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST 800-53 Rev. 5

 Security and Privacy Controls for Information Systems and Organizations

Directive 2022/2555 - Network and Information systems (NIS2)

Unified legal framework to uphold cybersecurity in 18 critical sectors across the EU

Privacy

General Data Protection Regulation (GDPR)

Privacy Impact Assessment (PIA)

Data Protection Impact Assessment (DPIA)

Records of Processing Activity (RoPA) Assessment

Data Collection

Legitimate Interests Assessment

International Transfers Assessment

Transfer Impact Assessment (TIA)

NIST Privacy Framework 1.0

ISO/IEC Assessments

ISO/IEC 27001:2022

 Information security, cybersecurity and privacy protection — Information security management systems — Requirements 

ISO/IEC 27701:2019

Add a description about this item

ISO/IEC 27005:2022

 Information security, cybersecurity and privacy protection — Guidance on managing information security risks 

ISO/IEC 27018:2019

 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 

ISO/IEC 42001:2023

 Information technology — Artificial intelligence — Management system 

Artificial Intelligence (AI)

AI Act - EU

Data Protection Impact Assessment (DPIA)

Fundamental Rights Impact Assessment (FRIA)

Artificial Intelligence Risk Management Framework (AI RMF 1.0)

Financial Services/Fintech

GLBA

Gramm-Leach-Bliley Act Risk Assessment

NY DFS 23 NYCRR 500

State of NY - Department of Financial Services enacted a regulation establishing cybersecurity requirements for financial services companies, 

SWIFT

 Society for Worldwide Interbank Financial Telecommunications

  • Customer Security Program
  • ISO 20022 and Cross-border payments and reporting plus (CBPR+) i 

Digital Operational Resilience Act (DORA)

 IT security of financial entities such as banks, insurance companies and investment firms and making sure that the financial sector in Europe 

Microsoft SSPA

Microsoft SSPA: Supplier Security & Privacy Assurance.

  • Home
  • Advisory
  • Assessments
  • Training
  • Regulatory Updates
  • About Us
  • Privacy Policy

Privacy Orchards, LLC

info@privacyorchards.com

+1-503-862-7841

Copyright © 2025 Privacy Orchards, LLC - All Rights Reserved.

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept