Security and Compliance

The Indian AEO Programme, which started in 2011, was designed to set standards to secure and to facilitate the ever-growing flow of goods in international trade. Each entity holding an AEO Certificate collaborated with Indian Customs to ensure safety and security in the Supply Chain.

The CAIQ measures a cloud provider's compliance with the Cloud Security Alliance’s Cloud Controls Matrix (CCM), a globally recognized security control framework for cloud computing.

CTPAT is a voluntary public-private sector partnership program which recognizes that CBP can provide the highest level of cargo security only through close cooperation with the principle stakeholders of the international supply chain such as importers, carriers, consolidators, licensed customs brokers, and manufacturers.

ISO 27001 is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization's information risk management processes.

ISO 27701 is developed to provide a standard for data privacy controls, which, when coupled with an ISMS, allows an organization to demonstrate effective privacy data management. It establishes the parameters for a PIMS in terms of privacy protection and processing personally identifiable information (PII).

NVIDIA is committed to protecting your privacy. Full privacy policy is available here.

SIG Lite is a  repository of third-party information security and privacy questions, indexed to multiple regulations and control frameworks. SIG Lite framework contains around 150 questions.

SOC reports & certification are the output of an annual 3rd party external audit of security controls.  The audits, reports and certification follow the Statement on Standards for Attestation (SSAE) 18 requirements set out by the American Institute of Certified Public Accountants (AICPA).