Fluid Attacks logo
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us

REQ.191 Protect data with maximum level

This document contains the details of the security requirements related to the definition and management of sensitive data in the organization. This requirement establishes the importance of protecting sensitive data with the maximum security level defined in the system.


Personal data must be secured with the maximum protection level defined (ISACA.G31.5).


  1. OWASP-ASVS v3.1-4.4 Verify that access to sensitive records is protected, such that only authorized objects or data is accessible to each user (for example, protect against users tampering with a parameter to see or alter another user’s account).

  2. GDPR- 6 Ensuring a high level of data protection despite the increased exchange of data.

  3. GDPR-51: Protecting sensitive personal data.

Service status - Terms of Use