Security and Compliance

NVIDIA is committed to external validation of its security posture. Learn more about our compliance offerings.

Compliance Offerings

AEO


The Indian AEO Programme, which started in 2011, was designed to set standards to secure and facilitate the ever-growing flow of goods in international trade. Each entity holding an AEO Certificate collaborates with Indian Customs to ensure safety and security in the supply chain.

CAIQ


The CAIQ measures a cloud provider's compliance with the Cloud Security Alliance’s Cloud Controls Matrix (CCM), a globally recognized security control framework for cloud computing.

CTPAT


CTPAT is a voluntary public-private sector partnership program that recognizes that CBP can provide the highest level of cargo security only through close cooperation with the principal stakeholders of the international supply chain, such as importers, carriers, consolidators, licensed customs brokers, and manufacturers.

ISO 9001


ISO 9001 is the international standard for quality management systems (QMS). It provides a framework for organizations to consistently deliver products and services that meet customer and regulatory requirements while driving continuous improvement and operational efficiency.

ISO 14001


ISO 14001 is the international standard for environmental management systems (EMS). It helps organizations improve environmental performance by managing environmental responsibilities systematically, reducing waste, conserving resources, and ensuring compliance with environmental regulations.

ISO 21434


ISO 21434 is the international standard for road vehicles—cybersecurity engineering. It defines requirements for cybersecurity risk management throughout the lifecycle of automotive systems, including design, development, production, operation, maintenance, and decommissioning.

ISO 26262


ISO 26262 is the international standard for road vehicles—functional safety. It establishes requirements for the safety of electrical and electronic systems in production automobiles, ensuring risks from system malfunctions are reduced to acceptable levels across the entire lifecycle.

ISO 27001


ISO 27001 is the international standard for information security management systems (ISMS). It provides a framework for organizations to establish, implement, maintain, and continually improve information security controls, ensuring the protection of information assets while managing information security risks across certain legal, physical, and technical domains.

ISO 27017


ISO 27017 is the international standard for cloud security controls. It provides a framework for organizations to establish cloud-specific security requirements and define shared responsibilities between cloud service providers and customers, ensuring the secure development, operation, and delivery of cloud-based products and services.

ISO 27018


ISO 27018 is the international standard for the protection of personally identifiable information (PII) in public cloud environments. It provides a framework for organizations to establish additional controls for processing PII in cloud services, ensuring compliance with privacy and data protection requirements while maintaining secure cloud-based operations.

ISO 27701


ISO 27701 is the international standard for privacy information management systems (PIMS). It provides a framework for organizations to establish data privacy controls that, when coupled with an ISMS, demonstrate effective privacy data management, ensuring the protection and proper processing of personally identifiable information (PII) while meeting privacy and data protection regulatory requirements.

ISO 50001


ISO 50001 is the international standard for energy management systems (EnMS). It provides a framework for organizations to improve energy performance, increase efficiency, reduce costs, and minimize environmental impact by managing energy use systematically.

Privacy


NVIDIA is committed to protecting your privacy. The full privacy policy is available here.

SIG Lite


SIG Lite is a repository of third-party information security and privacy questions, indexed to multiple regulations and control frameworks. The SIG Lite framework contains around 150 questions.

SOC2


SOC reports and certification are the output of an annual third-party external audit of security controls. The audits, reports, and certification follow the Statement on Standards for Attestation Engagements (SSAE) 18 requirements set out by the American Institute of Certified Public Accountants (AICPA).

TISAX


Trusted Information Security Assessment Exchange (TISAX) is an automotive industry-specific standard for assessing and exchanging information security results among participants. It's a mechanism to ensure a common level of security and streamline the process of verifying security in the automotive supply chain.
