Security frameworks
Your guide to security and compliance standards.
Navigate through the complex landscape of security standards, certifications, and compliance frameworks that shape modern information security.
All frameworks
International standard for information security management systems (ISMS), with requirements for establishing, implementing, maintaining, and continuously improving an information security management system.
Service Organization Control 2, criteria for managing customer data based on five trust service principles.
European NIS2 directive for cybersecurity requirements of essential services. Tidal supports both the NIS2 CyberFundamentals and the NIS2 Quality Mark certification process.
Digital Operational Resilience Act, uniform requirements for the security of network and information systems of financial entities.
General Data Protection Regulation, rules for the protection of personal data and privacy rights of EU residents.
ABDO
General Security Requirements for Defense Contracts, security requirements for organizations working with the Dutch Ministry of Defense.
BIO
Baseline Information Security for Government, a standardized set of security measures for all government organizations.
CIS Controls
Prescriptive, prioritized set of cybersecurity practices and defensive actions designed to protect organizations against common cyber attacks.
DNB ICT Guidelines
Information security guidelines from De Nederlandsche Bank for financial institutions under its supervision.
EBA ICT Guidelines
Guidelines for ICT and security risk management from the European Banking Authority for financial institutions.
ISO 9001
International standard for quality management systems (QMS), with specifications for consistent delivery of products and services.
NEN7510
Dutch standard for information security in healthcare, with specific requirements for managing medical information.
NIST CSF
NIST Cybersecurity Framework, voluntary guidelines for organizations to better manage and reduce cybersecurity risks.
NIST SP800-53
Standard for security and privacy controls with detailed security control requirements for federal information systems.
RVIT
Security requirements for telecom providers under the Dutch Telecommunications Act.