Trustmark Definition Name | Version |
---|---|
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 34(1). | 1.0 |
Addresses the requirement that all communications among an organization's PKI authorities supporting the certificate application and issuance process are authenticated. | 1.0 |
Addresses the requirement that all communications among an organization's PKI authorities supporting the certificate application and issuance process are protected from modification. | 1.0 |
Addresses the requirement for communications between PKI trusted roles and their PKI certificate authority to be protected from modification. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization has agreed to abide by the terms and conditions described in the Compact Council Security and Management Control Outsourcing Standard. | 1.0 |
Specifies rules for determining a health care related organization's starting date of compliance with the privacy rules based on the type of health care organization. | 1.0 |
Specifies rules for determining a health care related organization's starting date of compliance with the privacy rules based on the type of health care organization. | 1.0 |
Specifies rules for determining a health care related organization's starting date of compliance with the privacy rules based on the type of health care organization. | 1.0 |
Specifies rules for determining a health care related organization's starting date of compliance with the privacy rules based on the type of health care organization. | 1.0 |
Specifies a health care related organization's starting compliance date for the Security Rule, based on the type of organization. | 1.0 |
Specifies a health care related organization's starting compliance date for the Security Rule, based on the type of organization. | 1.0 |
Specifies a health care related organization's starting compliance date for the Security Rule, based on the type of organization. | 1.0 |
Specifies a health care related organization's starting compliance date for the Security Rule, based on the type of organization. | 1.0 |
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 41(4). | 1.0 |
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 44. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization develops and implements anti-counterfeit policy that includes the means to detect and prevent counterfeit components from entering the information system. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization develops and implements anti-counterfeit procedures that include the means to detect and prevent counterfeit components from entering the information system. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization reports counterfeit information system components to the source of the counterfeit component, organization-defined external reporting organizations, and/or organization-defined personnel or roles. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization scans for counterfeit information system components at an organization-defined frequency. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization trains organization-defined personnel or roles to detect counterfeit information system components (including hardware, software, and firmware). | 1.0 |
Defines conformance and assessment criteria for verifying that an organization disposes of information system components using organization-defined techniques and methods. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization maintains configuration control over organization-defined information system components awaiting service/repair and serviced/repaired components awaiting return to service. | 1.0 |
Addresses the requirement that only component software related to the operation of a PKI Certificate Authority is installed. | 1.0 |
Addresses the requirement for computing and communications devices named as PKI certificate subjects to have a human sponsor. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization employs organization-defined concealment and misdirection techniques for organization-defined information systems at organization-defined time periods to confuse and mislead adversaries. | 1.0 |