The Standard
Documents
The latest version of the OFDSS standard is available for review.
OFDSS V1.2
The latest version of the Open Finance Data Security Standard includes 79 individual security requirements across 13 control domains, along with implementation guidelines and audit steps.
What's Included
- Complete security requirements for each control domain
- Implementation guidelines for cloud-native environments
- Audit steps and verification procedures
- Mapping to SSAE18 TSC for Security and NIST CSF
Accessing the Document
To access the full OFDSS V1.2 document, please submit a request through our contact form. The working committee reviews requests and provides access to qualified organizations.
Request Access
To request access to the OFDSS V1.2 document, please fill out the contact form. The working committee will review your request and follow up with you.
Version History
| Version | Date | Notes |
|---|---|---|
| V1.2 | August 2022 | Added 4 new supporters, refined framework |
| V1.0 | November 2021 | Initial draft published |
Standards Alignment
OFDSS maintains alignment with the following frameworks:
SSAE18 Trust Services Criteria (TSC) for Security
The SSAE18 TSC provides a comprehensive set of criteria for evaluating the security of a service organization. OFDSS maps its requirements to the relevant TSC criteria, making it easier for companies to transition to SSAE18 compliance as they scale.
NIST Cybersecurity Framework (CSF)
The NIST CSF provides a policy framework for computer security guidance. OFDSS aligns with the five core functions: Identify, Protect, Detect, Respond, and Recover.