Hi Vivian, The compliance needs of companies should really be addressed by themselves, through working with OpenStack to improve the project in areas that will benefit everyone’s compliance efforts – maybe checkout the compliance section in the OpenStack security guide? From: Vivian Fan <xfan888 at yahoo.com<mailto:xfan888 at yahoo.com>> Reply-To: Vivian Fan <xfan888 at yahoo.com<mailto:xfan888 at yahoo.com>> Date: Tue, 22 Apr 2014 09:45:16 -0700 To: "openstack-security at lists.openstack.org<mailto:openstack-security at lists.openstack.org>" <openstack-security at lists.openstack.org<mailto:openstack-security at lists.openstack.org>> Subject: [Openstack-security] OpenStack Auditing Standards Hi, My name is Vivian Fan and I am new to this mailing list. I am interested to know how OpenStack security group is currently addressing the compliance needs of Companies who are adopting this platform and issue auditing standards to facilitate the subscribers' compliance activities. I looked through the new document released by the security group but the guidance is very high level and not specific to OpenStack. Where can I get more info? Thanks, Vivian _______________________________________________ Openstack-security mailing list Openstack-security at lists.openstack.org<mailto:Openstack-security at lists.openstack.org> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security