AICPA SOC Reports
American Institute of Certified Public Accountants (AICPA) Service Organization Controls (SOC) reports provide assurance from a third-party auditor over control environments as they relate to the retrieval, storage, processing and transfer of data.
The Federal Risk and Authorization Management Program, or FedRAMP, is a United States government program that provides a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services.
Certificate of Networthiness (CoN) and Authority to Operate (ATO)
The Networthiness Certification confirms that information systems meet the security, compatibility, and sustainability standards set by the United States Army.
The Federal Information Processing Standard (FIPS) Publication 140-2 is a United States government standard that defines minimum security requirements for cryptographic modules in information technology products. The Cryptographic Module Validation Program (CMVP), headed by the National Institute of Standards and Technology (NIST) validates conformance to FIPS 140-2 requirements.
NATO has approved the BlackBerry® Enterprise Solution for the storage and transmission of data up to and including the NATO RESTRICTED classification.
Common Criteria EAL 4 +
Common Criteria provides assurance of the design and implementation of security-sensitive products. EAL4+ is the highest certification level and is frequently conducted for products deployed in environments handling sensitive government data.
The National Information Assurance Partnership (NIAP) is responsible for US implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.
Cyber Essentials is a cyber security standard developed under the auspices of the Communications-Electronics Security Group (CESG), the information security arm of Government Communications Headquarters (GCHQ) in the United Kingdom. It identifies the security controls that an organization must have in place in order to have confidence that they are addressing cyber security effectively and mitigating the risk from Internet-based threats.
The Payment Card Industry Data Security Standard (PCI-DSS) set minimum necessary requirements that every merchant and/or service provider must meet in order to protect the cardholder data of their customers.
BlackBerry QNX Certifications
The QNX® OS for Safety is certified to meet the requirements of International Electrotechnical Commission (IEC) standard 61508 Safety Integrity Level 3 (SIL3). It’s also assessed to be compliant with ISO 26262 Automotive Safety Integrity Level (ASIL D).