Regulations and Directives

Let FORT handle the regulatory maze while you focus on business growth. Compliance can be just a walk in the park with our team’s help.

Consultancy for Compliance and Governance

Our team of experts will help you perform gap analysis, full audits and even full implementations for each of these rules and regulations, so that you have the best approach to reach conformity.

NIS - Network and Information Systems Directive

The NIS Directive boosts cybersecurity for critical infrastructure in the EU, requiring measures and incident reporting from essential service and digital providers.

ADR 553/2019 Regulation

ADR 553/2019 outlines the approval process for remote payment instruments in Romania, requiring authorization from the Ministry of Communications and notification to the National Bank of Romania (BNR).

ADR 564/2021 Regulation

ADR 564/2021, approved by the Authority for Digitalization of Romania, sets rules for remote video-based identification, aiming to standardize the process and ensure compliance with EU and national electronic identification laws.

ASF Norma 4

ASF Norma 4 is a directive issued by the Financial Supervisory Authority (ASF) that focuses on specific cybersecurity standards for financial institutions. It requires robust cybersecurity measures, incident reporting protocols, and regular security assessments.

SOC2 - Service Organization Control 2

SOC2 is an auditing standard established by the American Institute of Certified Public Accountants (AICPA). It evaluates the controls and processes of service organizations, particularly those related to data security, availability, processing integrity, confidentiality, and privacy.

PCI DSS - Payment Card Industry Data Security Standard

PCI DSS is a set of security standards established to protect cardholders’ data and ensure secure credit card transactions. Compliance with PCI DSS is crucial for businesses that process, store, or transmit credit card information.

DORA - Defense Online Reporting and Analysis

The DORA mandate aims to enhance the cybersecurity posture of defense contractors and suppliers. It requires adherence to specific cybersecurity standards to protect sensitive data and intellectual property.

eIDAS - Electronic Identification and Trust Services

The eIDAS Regulation establishes a legal framework for electronic identification and trust services within the European Union. It promotes secure electronic transactions and recognizes electronic signatures and seals across member states.

GDPR - General Data Protection Regulation

GDPR is a comprehensive data protection regulation in the EU. It governs the processing and protection of personal data, providing individuals with greater control over their data and imposing strict requirements on organizations handling personal data.

ISO/IEC 27001 (ISO27k1)

ISO/IEC 27001, also known as ISO27k1, is an internationally recognized standard for information security management systems (ISMS). Compliance with ISO27k1 demonstrates your organization’s commitment to ensuring the confidentiality, integrity, and availability of information assets.

Get in touch

If you’re looking to contact one of our experts or find out more about cybersecurity solutions, get in touch with FORT by filling out the form below.