compliance workbook/guidance

Learn more about SLAC Cybersecurity's compliance with industry standards and government regulations.

Cybersecurity Compliance


Cybersecurity Compliance

As a School of Stanford (SU), as well as a contractor for the Department of Energy (DOE), SLAC must comply with various contract obligations, policies, orders, and directives regarding its cyber security posture.  SLAC's specific compliance obligations are detailed below.

SLAC's institutional policies and requirements apply to everyone at SLAC. Find the complete list, including the Computing & IT Policies, here.


Cybersecurity Regulatory Compliance

The federal government requires partner organizations to maintain a strong security posture to protect data breaches, reduce cyber attacks, and ensure compliance with industry best practices.  SLAC must comply with both DOE regulations as well as NIST 800-53

Below are policies, guidelines, publications, and federal information processing standards that SLAC complies with.

Guidance, Special Publications & Federal Information Processing Standards

NIST Cybersecurity Framework

In 2014, NIST (National Institute of Standards and Technology) established a framework for managing and reducing cybersecurity risk. It was designed to create a standard protocol for cybersecurity management, communications, and practices for U.S. Government organizations, contractors, subcontractors, and external parties. 

Below are relevant resources from NIST regarding cybersecurity best practices.