Degree Type

Creative Component

Semester of Graduation

Fall 2020


Electrical and Computer Engineering

First Major Professor

Doug Jacobson


Master of Science (MS)


Computer Engineering


The internet has made our lives very easy, and we are always one click away from the world. As the internet has become very common, it also has allowed cyber attackers to steal valuable information, including sensitive personal information and credit card information. We hear every day in the news about data breaches and cyber-attacks. Government, private, and non-profit organizations are trying their best to stop these cyber-attacks. New software, hardware technology, and different information security compliance are being introduced to stop information breaches and cyber-attacks.

As a result of mandatory implementation of compliance and framework by the US government, I decided to write a paper on cybersecurity frameworks and this paper discusses different compliance and cybersecurity frameworks that are used to secure the users' and customers' information. The frameworks included in this paper are Service Organization Control 2 (SOC 2), ISO 27001, and Payment Card Information Data Security Standard (PCI DSS).

My research work for SOC 2 compliance includes the main principles, benefits, and checklist of SOC 2 compliance. In the end, it also includes what different opinions auditors can give once the audit is done. Most of the time, SOC 2 compliance is used to strengthen internal controls.

ISO 27001 has its own requirements to secure and manage the controls of an organization. My work on ISO 27001 talks about its primary goals, controls, domains, benefits, and its implementation in government and private companies.

PCI DSS compliance applies to any entity which stores, transmits, and processes payment card information. For this paper, I have researched PCI ecosystem, goals, requirements, and benefits of complying with PCI compliance.

Copyright Owner

Raza, Haider

File Format


Embargo Period (admin only)