Requirement

Encryption

Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.

Fulfill this requirement by completing the tasks below ->
Encryption
This requirement is part of the framework:  

Other requirements of the framework

No items found.
0
Encryption
No items found.
Technical cyber security
Best practices
How to implement:
Encryption
This policy on
Encryption
provides a set concrete tasks you can complete to secure this topic. Follow these best practices to ensure compliance and strengthen your overall security posture.
Read below what concrete actions you can take to improve this ->
Technical cyber security
Encryption
Frameworks that include requirements for this topic:
Cybersicherheitsverordnung (Schweiz)
Sikkerhetsloven (Norge)
Säkerhetsskyddslagen (Sverige)
Cybersikkerhedsloven (Danmark)
Avviż Legali 71 tal-2025 (Malta)
Закон за прилагане на NIS2 (България)

How to improve security around this topic

In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.

Here's a list of tasks that help you improve your information and cyber security related to
Encryption
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
Verifying achieved protection level from used cryptographic procedures
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Verifying achieved protection level from used cryptographic procedures

This task helps you comply with the following requirements

5.1.1: Cryptography managementTISAX
Encryption of backup data
Critical
High
Normal
Low
32
requirements
Technical cyber security
Encryption

Encryption of backup data

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
5.2.9: Backup and recovery managementTISAX
30 § 3.8°: La cryptographie et du chiffrementNIS2 Belgium
2.9.4: Protect backups against intentional and unintentional deletion, manipulation and readingNSM ICT-SP
PR.DS-5: Protections against data leaks are implemented.CyberFundamentals
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
Article 9a: ProtectionDORA
I-20: TIETOJENKÄSITTELY-YMPÄRISTÖN SUOJAUS KOKO ELINKAAREN AJAN – VARMUUSKOPIOINTIKatakri 2020
PR.DS-11: Backup policyNIST 2.0
Encryption of laptops
Critical
High
Normal
Low
33
requirements
Technical cyber security
Encryption

Encryption of laptops

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
3.1.4: Management of IT and mobile data storage devicesTISAX
30 § 3.8°: La cryptographie et du chiffrementNIS2 Belgium
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromisedNSM ICT-SP
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
PR.DS-10: Data-in-use is protectedNIST 2.0
3.6: Encrypt Data on End-User DevicesCIS 18
6.6.4: Fyysisten tilojen, laitteiden ja tulosteiden turvallisuusOmavalvontasuunnitelma
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Encryption key inventory and management system
Critical
High
Normal
Low
25
requirements
Technical cyber security
Encryption

Encryption key inventory and management system

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
30 § 3.8°: La cryptographie et du chiffrementNIS2 Belgium
2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Art. 24.2.h: Politiche e procedure relative all'uso della crittografia e, ove opportuno, della cifratura;NIS2 Italy
21.2.h: EncryptionNIS2
CC6.1c: Technical security for protected information assetsSOC 2
10.1.2: Key managementISO 27017
Updating and implementing cryptographic technology
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Updating and implementing cryptographic technology

This task helps you comply with the following requirements

No items found.
Criteria for selection of encryption and cryptographic controls
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Criteria for selection of encryption and cryptographic controls

This task helps you comply with the following requirements

No items found.
Encryption of data in use
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Encryption of data in use

This task helps you comply with the following requirements

No items found.
Creating and maintaining encryption and cryptography policy
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Creating and maintaining encryption and cryptography policy

This task helps you comply with the following requirements

No items found.
Certificate management
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Certificate management

This task helps you comply with the following requirements

No items found.
Authority approval for cryptosystems and cryptographic algorithms
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Authority approval for cryptosystems and cryptographic algorithms

This task helps you comply with the following requirements

§ 5-6: KryptosikkerhetSikkerhetsloven
Protection of data at rest
Critical
High
Normal
Low
5
requirements
Technical cyber security
Encryption

Protection of data at rest

This task helps you comply with the following requirements

PR.DS-01: Data-at-rest is protectedNIST 2.0
PR.DS-1: Data-at-rest is protected.CyberFundamentals
Article 13.1(.2.e): ConfidentialityCRA
§ 2.2.1 (Konfidentialitet): InformationssäkerhetsskyddsåtgärderSSL
Defining technical rules for encryption of information
Critical
High
Normal
Low
15
requirements
Technical cyber security
Encryption

Defining technical rules for encryption of information

This task helps you comply with the following requirements

5.1.1: Cryptography managementTISAX
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
30 § 3.8°: La cryptographie et du chiffrementNIS2 Belgium
19.2.h: KriptaġġNIS2 Malta
23.3.h: VersleutelingNIS2 Netherlands
3.1.5: Strategier och förfaranden för användning av kryptografi och krypteringNIS2 Sweden
Artículo 15.2.h: Criptografía y cifradoNIS2 Spain
32.2.2.h: VerschlüsselungNIS2 Austria
30.8: Konzepte und Verfahren für den Einsatz von Kryptografie und VerschlüsselungNIS2 Germany
13.1.c: CriptareaNIS2 Romania
Encryption and addressing protections for secure data transfer
Critical
High
Normal
Low
6
requirements
Technical cyber security
Encryption

Encryption and addressing protections for secure data transfer

This task helps you comply with the following requirements

5.1.2: Information transferTISAX
3.10: Encrypt Sensitive Data in TransitCIS 18
Article 13.1(.2.e): ConfidentialityCRA
Article 35: Data, system and network securityDORA simplified RMF
Viranomaishyväksyttyjen salausratkaisuijen käyttö
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Viranomaishyväksyttyjen salausratkaisuijen käyttö

This task helps you comply with the following requirements

I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUTKatakri 2020
Good encryption key management practices
Critical
High
Normal
Low
17
requirements
Technical cyber security
Encryption

Good encryption key management practices

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUTKatakri 2020
6.6.3: Tekniset vaatimuksetOmavalvontasuunnitelma
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Art. 24.2.h: Politiche e procedure relative all'uso della crittografia e, ove opportuno, della cifratura;NIS2 Italy
TEK-16: Tiedon salaaminenJulkri
21.2.h: EncryptionNIS2
CC6.1c: Technical security for protected information assetsSOC 2
Encryption of portable media
Critical
High
Normal
Low
23
requirements
Technical cyber security
Encryption

Encryption of portable media

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromisedNSM ICT-SP
PR.PT-2: Removable media is protected, and its use restricted according to policy.CyberFundamentals
PR.PT-2: Removable mediaNIST
3.6: Encrypt Data on End-User DevicesCIS 18
3.9: Encrypt Data on Removable MediaCIS 18
10.4: Configure Automatic Anti-Malware Scanning of Removable MediaCIS 18
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Article 35: Data, system and network securityDORA simplified RMF
Smartphone and tablet encryption
Critical
High
Normal
Low
4
requirements
Technical cyber security
Encryption

Smartphone and tablet encryption

This task helps you comply with the following requirements

10.1.1: Policy on the use of cryptographic controlsISO 27001
Article 35: Data, system and network securityDORA simplified RMF
General, risk-based encryption policy
Critical
High
Normal
Low
26
requirements
Technical cyber security
Encryption

General, risk-based encryption policy

This task helps you comply with the following requirements

5.1.1: Cryptography managementTISAX
30 § 3.8°: La cryptographie et du chiffrementNIS2 Belgium
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
I-12: TIETOTURVALLISUUSTUOTTEIDEN ARVIOINTI JA HYVÄKSYNTÄ – SALAUSRATKAISUTKatakri 2020
TEK-01.1: Verkon rakenteellinen turvallisuus - salaus yleisissä tietoverkoissaJulkri
10.1.1: Policy on the use of cryptographic controlsISO 27001
10.1.2: Key managementISO 27001
I12: SalausratkaisutKatakri
8.24: Use of cryptographyISO 27001
15.2.η: ΚρυπτογράφησηNIS2 Greece
Secure transmission of confidential information over a data network
Critical
High
Normal
Low
4
requirements
Technical cyber security
Encryption

Secure transmission of confidential information over a data network

This task helps you comply with the following requirements

14 §: Tietojen siirtäminen tietoverkossaTiHL
4.4: Salassa pidettävien tietojen siirtäminen yleisissä tietoverkoissaTiHL tietoturvavaatimukset
Art. 11: Übermittlung und Nutzung der InformationenCSV
Aineiston sähköinen välitys (TL IV-II)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Aineiston sähköinen välitys (TL IV-II)

This task helps you comply with the following requirements

I15: Aineiston sähköinen välitysKatakri
I-15: TURVALLISUUSLUOKITELTUJEN TIETOJEN VÄLITYS FYYSISESTI SUOJATTUJEN ALUEIDEN VÄLILLÄ – TIEDON SÄHKÖINEN VÄLITYSKatakri 2020
Aineiston välitys postilla tai kuriirilla (TL IV)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Aineiston välitys postilla tai kuriirilla (TL IV)

This task helps you comply with the following requirements

I16: Aineiston välitys postilla ja kuriirillaKatakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLAKatakri 2020
Aineiston välitys postilla tai kuriirilla (TL III)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Aineiston välitys postilla tai kuriirilla (TL III)

This task helps you comply with the following requirements

I16: Aineiston välitys postilla ja kuriirillaKatakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLAKatakri 2020
Aineiston välitys postilla tai kuriirilla (TL II)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Aineiston välitys postilla tai kuriirilla (TL II)

This task helps you comply with the following requirements

I16: Aineiston välitys postilla ja kuriirillaKatakri
F-08.1: TIETOJEN VÄLITYS POSTILLA JA KURIIRILLAKatakri 2020
Providing customers with encryption key management capabilities
Critical
High
Normal
Low
4
requirements
Technical cyber security
Encryption

Providing customers with encryption key management capabilities

This task helps you comply with the following requirements

10: CryptographyISO 27017
10.1: Cryptographic controlsISO 27017
10.1.2: Key managementISO 27017
Regularly auditing encryption and encryption key management systems
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Regularly auditing encryption and encryption key management systems

This task helps you comply with the following requirements

No items found.
Use of industry-approved cryptographic libraries
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Use of industry-approved cryptographic libraries

This task helps you comply with the following requirements

No items found.
Encryption keys provisioned for unique purpose
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Encryption keys provisioned for unique purpose

This task helps you comply with the following requirements

No items found.
Recycling encryption keys
Critical
High
Normal
Low
3
requirements
Technical cyber security
Encryption

Recycling encryption keys

This task helps you comply with the following requirements

2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
Revoking encryption keys
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Revoking encryption keys

This task helps you comply with the following requirements

No items found.
Destruction of encryption keys
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Destruction of encryption keys

This task helps you comply with the following requirements

No items found.
Activation of encryption keys
Critical
High
Normal
Low
4
requirements
Technical cyber security
Encryption

Activation of encryption keys

This task helps you comply with the following requirements

2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
2.7.2: Activate encryption in services which offer such functionalityNSM ICT-SP
Deactivating encryption keys
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Deactivating encryption keys

This task helps you comply with the following requirements

No items found.
Encryption key temporary revocation
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Encryption key temporary revocation

This task helps you comply with the following requirements

No items found.
Encryption key archival
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Encryption key archival

This task helps you comply with the following requirements

No items found.
Encryption key recovery
Critical
High
Normal
Low
3
requirements
Technical cyber security
Encryption

Encryption key recovery

This task helps you comply with the following requirements

2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
Managing compromised encryption keys
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Managing compromised encryption keys

This task helps you comply with the following requirements

2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
Considering encryption and cryptographic key management in risk management procedures
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Considering encryption and cryptographic key management in risk management procedures

This task helps you comply with the following requirements

No items found.
Compliance of used cryptographic controls in relation to applicable requirements
Critical
High
Normal
Low
5
requirements
Technical cyber security
Encryption

Compliance of used cryptographic controls in relation to applicable requirements

This task helps you comply with the following requirements

18.1.5: Regulation of cryptographic controlsISO 27017
18.1.5: Regulation of cryptographic controlsISO 27001
5.31: Legal, statutory, regulatory and contractual requirementsISO 27001
2.7.1: Establish crypto strategy in the organisationNSM ICT-SP
Article 13.1(.2.e): ConfidentialityCRA
Descriptions of used cryptography in relation to offered cloud services
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Descriptions of used cryptography in relation to offered cloud services

This task helps you comply with the following requirements

18.1.5: Regulation of cryptographic controlsISO 27017
Protection of data in transit
Critical
High
Normal
Low
34
requirements
Technical cyber security
Encryption

Protection of data in transit

This task helps you comply with the following requirements

PR.DS-2: Data-in-transitNIST
21.2.h: EncryptionNIS2
Article 9a: ProtectionDORA
5.1.2: Information transferTISAX
9.8 §: SalausKyberturvallisuuslaki
PR.DS-2: Data-in-transit is protected.CyberFundamentals
14.5.9): Kriptografijos ir šifravimoNIS2 Lithuania
2.7.4: Use encryption when transferring confidential information or when trust in the information channel is lowNSM ICT-SP
2.4.2: Encrypt all wireless and wired connectionsNSM ICT-SP
2.8.2: Activate STARTTLS on the organisation’s email serverNSM ICT-SP
Salaus yleisissä tietoverkoissa
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Salaus yleisissä tietoverkoissa

This task helps you comply with the following requirements

TEK-01.1: Verkon rakenteellinen turvallisuus - salaus yleisissä tietoverkoissaJulkri
Salaaminen turva-alueiden ulkopuolella
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Salaaminen turva-alueiden ulkopuolella

This task helps you comply with the following requirements

TEK-01.4: Verkon rakenteellinen turvallisuus - salaaminen turva-alueiden ulkopuolellaJulkri
Hallintayhteyksien salaaminen julkisessa verkossa
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Hallintayhteyksien salaaminen julkisessa verkossa

This task helps you comply with the following requirements

TEK-04.2: Hallintayhteydet - hallintayhteyksen salaaminenJulkri
Langattomien yhteyksien salaaminen
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Langattomien yhteyksien salaaminen

This task helps you comply with the following requirements

TEK-05: Langaton tiedonsiirtoJulkri
Encryption solution and guidelines for personnel to encrypt transferred information
Critical
High
Normal
Low
9
requirements
Technical cyber security
Encryption

Encryption solution and guidelines for personnel to encrypt transferred information

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
3.11: Encrypt Sensitive Data at RestCIS 18
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Art. 24.2.h: Politiche e procedure relative all'uso della crittografia e, ove opportuno, della cifratura;NIS2 Italy
TEK-16: Tiedon salaaminenJulkri
21.2.h: EncryptionNIS2
Article 13.1(.2.e): ConfidentialityCRA
15.2.η: ΚρυπτογράφησηNIS2 Greece
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)

This task helps you comply with the following requirements

TEK-04.6: Hallintayhteydet - turvallisuusluokiteltua tietoa sisältävät hallintayhteydetJulkri
I-04: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – HALLINTAYHTEYDETKatakri 2020
Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Turvallisuusluokiteltua tietoa sisältävien hallintayhteyksien turvallisuus (TL IV)

This task helps you comply with the following requirements

TEK-04.7: Hallintayhteydet - salaaminen turvallisuusluokan sisälläJulkri
I-04: TIETOJENKÄSITTELY-YMPÄRISTÖJEN SUOJATTU YHTEENLIITTÄMINEN – HALLINTAYHTEYDETKatakri 2020
Tiedon salaaminen langattomassa tiedonsiirrossa (TL IV)
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Tiedon salaaminen langattomassa tiedonsiirrossa (TL IV)

This task helps you comply with the following requirements

TEK-05.1: Langaton tiedonsiirto - salaaminenJulkri
I-05: SUOJATTAVIEN TIETOJEN SIIRTÄMINEN FYYSISESTI SUOJATTUJEN ALUEIDEN ULKOPUOLELLA - LANGATON TIEDONSIIRTOKatakri 2020
Turvallisuusluokiteltujen tietojen erottelu ja salaaminen (TL IV)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Turvallisuusluokiteltujen tietojen erottelu ja salaaminen (TL IV)

This task helps you comply with the following requirements

TEK-07.4: Pääsyoikeuksien hallinnointi - turvallisuusluokiteltujen tietojen erotteluJulkri
Turvallisuusluokitellun tiedon salaaminen siirrettäessä turvallisuusalueiden ulkopuolelle (TL IV)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Turvallisuusluokitellun tiedon salaaminen siirrettäessä turvallisuusalueiden ulkopuolelle (TL IV)

This task helps you comply with the following requirements

TEK-16.2: Tiedon salaaminen - turvallisuusluokitellun tiedon siirto turvallisuusalueiden ulkopuolellaJulkri
Tiedon salaamisen lisävaatimukset (TL III)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Tiedon salaamisen lisävaatimukset (TL III)

This task helps you comply with the following requirements

TEK-16.4: Tiedon salaaminen - TL IIIJulkri
Tiedon salaamisen lisävaatimukset (TL I)
Critical
High
Normal
Low
1
requirements
Technical cyber security
Encryption

Tiedon salaamisen lisävaatimukset (TL I)

This task helps you comply with the following requirements

TEK-16.5: Tiedon salaaminen - TL IJulkri
Ensuring sovereignty of encryption keys
Critical
High
Normal
Low
2
requirements
Technical cyber security
Encryption

Ensuring sovereignty of encryption keys

This task helps you comply with the following requirements

5.1.1: Cryptography managementTISAX
Management of encryption keys activation and end dates
Critical
High
Normal
Low
3
requirements
Technical cyber security
Encryption

Management of encryption keys activation and end dates

This task helps you comply with the following requirements

10.1.2: Key managementISO 27001
Revision of encryption methods and assessment of adequacy
Critical
High
Normal
Low
14
requirements
Technical cyber security
Encryption

Revision of encryption methods and assessment of adequacy

This task helps you comply with the following requirements

Članak 30.1.h: KriptografijeNIS2 Croatia
9.8 §: SalausKyberturvallisuuslaki
5.1.1: Cryptography managementTISAX
27.(e): Dublējumi un šifrēšanaNIS2 Latvia
Art. 24.2.h: Politiche e procedure relative all'uso della crittografia e, ove opportuno, della cifratura;NIS2 Italy
21.2.h: EncryptionNIS2
CC6.1c: Technical security for protected information assetsSOC 2
10.1.1: Policy on the use of cryptographic controlsISO 27001
8.24: Use of cryptographyISO 27001
Article 13.1(.2.e): ConfidentialityCRA
Encryption of server data
Critical
High
Normal
Low
4
requirements
Technical cyber security
Encryption

Encryption of server data

This task helps you comply with the following requirements

10.1.1: Policy on the use of cryptographic controlsISO 27001
2.7.3: Encrypt storage media which contain confidential data and which can easily be lost or compromisedNSM ICT-SP
PR.DS-10: Data-in-use is protectedNIST 2.0
3.11: Encrypt Sensitive Data at RestCIS 18
Complete these tasks in Cyberday ISMS ->

How to comply with this requirement

In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.

Here's a list of tasks that help you comply with the requirement
Encryption
of the framework  
Task name
Priority
Task completes
Complete these tasks to increase your compliance in this policy.
Critical
31 requirements
No other tasks found.
Complete these tasks in Cyberday ISMS ->

The ISMS component hierachy

When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.

Framework

Sets the overall compliance standard or regulation your organization needs to follow.

Requirements

Break down the framework into specific obligations that must be met.

Tasks

Concrete actions and activities your team carries out to satisfy each requirement.

Policies

Documented rules and practices that are created and maintained as a result of completing tasks.

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security