Industry Standards & Best Practices

Data processing is highly regulated in vertical industries such as financial services, government, telecom, healthcare, travel and transportation, retail as well as in the public sector. Understanding the local, regional and global regulatory requirements and defining / implementing the data processing controls and testing its effectiveness become more complex. Using industry best practices can provide some guidance and direction to comply with these requirements.

The industry standard and best practices assessment program develops a road map to address the inherent issues that are historically grown due to lack of IT standards.

An architectural and operational standard controls the changes and the growth of IT infrastructure and its operations. It mitigates the risk of service disruptions, which could happen by the proactive and preventive maintenance activities.

Industry standard aligned data centre infrastructure and service management practices, enhanced by the use of best practices supports the rapid IT changes and deployment as required by the business growth; it ensures the elasticity and flexibility of the key business asset in data centres. Conducting an assessment and review of the defined and applied standards, in the IT management and IT operations aims to identify gaps against the industry standards and best practices. 


More info to this topic:

Financial Market

Federal Act on the Swiss Financial Market Supervisory Authority

Swiss Financial Market Supervisory Authority

Forum Self-Regulatory Organisation

Basel Committee on Banking Supervision

Swiss National Bank

Swiss Banker Association


Information Technology

Business Process Framework (eTOM)

itSMF International

ISO/IEC 27002:2013 Code of practice for Information security controls

ISO/IEC 27000 Information technology – Security techniques

ISO/IEC 27018 Personally Identifiable Information in the Cloud

ISO/IEC 17789 Cloud Computing Reference Architecture

BSI Best practice frameworks for cloud security


The European Commission - General Data Protection Regulation (GDPR)

National Institute of Standards and Technology

NIST Security Assessment Framework

NIST Cloud Computing Reference Architecture

SOC1 & SOC 2 Preparation Checklist (SSAE18)



This website uses cookies - more information on this and your rights as a user can be found in our privacy policy at the bottom of this page. Click "Accept" to accept cookies and visit our website directly.