Every framework your auditor asks for.
Ten frameworks shipped out of the box. Cross-framework control mapping reduces evidence collection across overlapping audits. Plus custom frameworks for sector-specific requirements.
SOC 2
Trust Services Criteria
All five Trust Services Criteria for service organization controls.
Learn moreISO 27001
Information Security 2022
Global information security management standard.
Learn moreNIST CSF
Cybersecurity Framework 2.0
Identify, Protect, Detect, Respond, Recover.
Learn moreNIST 800-53
Rev 5 · 298 controls
Federal-grade security and privacy controls catalog.
Learn moreCIS v8.1
Critical Security Controls
Prioritized defense-in-depth control set.
Learn morePCI DSS
v4.0.1 · Payment card data
Payment Card Industry Data Security Standard.
Learn moreHIPAA
Security Rule · PHI
Protected Health Information safeguards.
Learn moreGDPR
EU personal data protection
General Data Protection Regulation compliance.
Learn moreNYDFS Part 500
23 NYCRR · NY financial
New York financial services cybersecurity.
Learn moreNYSDOH 405.46
10 NYCRR · NY hospital
New York hospital cybersecurity requirements.
Learn moreCustom frameworks
Bring your own controls and evidence requirements — internal frameworks, sector-specific (FFIEC, NERC CIP), regional regulations.
Talk to usCross-framework mapping, included.
One control answer satisfies SOC 2 + ISO 27001 + HIPAA + PCI overlapping requirements. Reduce evidence collection by 40%+.