What we offerThe Largest Framework Library on the Market
Our extensive risk management and compliance framework library of over 300+ frameworks
Looking for the Framework you need to implement
Available Frameworks Family
Comprehensive and Customizable
| Sr No | Framework Name | Category |
|---|---|---|
| 1 | AICPA TSC 2017 (with 2022 revised POF) | Privacy |
| 2 | BSI Standard 200-1 | Information Security |
| 3 | CIS CSC v8.0 | Cybersecurity |
| 4 | CIS CSC v8.0 IG1 | Cybersecurity |
| 5 | CIS CSC v8.0 IG2 | Cybersecurity |
| 6 | CIS CSC v8.0 IG3 | Cybersecurity |
| 7 | COBIT 2019 | Information Security |
| 8 | COSO v2017 | Risk Management |
| 9 | CSA CCM v4 | Cloud Security |
| 10 | CSA IoT SCF v2 | Information Security |
| 11 | ENISA v2.0 | Cybersecurity |
| 12 | GAPP | Privacy |
| 13 | IEC TR 60601-4-5 v2021 | Healthcare |
| 14 | IEC 62443-4-2 | Industrial Control Systems Security |
| 15 | ISO/SAE 21434 v2021 | Information Security |
| 16 | ISO 22301 v2019 | Information Security |
| 17 | ISO 27001 v2013 | Information Security |
| 18 | ISO 27001 v2022 | Information Security |
| 19 | ISO 27002 v2013 | Information Security |
| 20 | ISO 27002 v2022 | Information Security |
| 21 | ISO 27017 v2015 | Information Security |
| 22 | ISO 27018 v2014 | Information Security |
| 23 | ISO 27701 v2019 | Information Security |
| 24 | ISO 29100 v2011 | Information Security |
| 25 | ISO 31000 v2009 | Information Security |
| 26 | ISO 31010 v2009 | Information Security |
| 27 | ISO 42001 v2023 | Information Security |
| 28 | MITRE ATT&CK 10 | Cybersecurity |
| 29 | MPA Content Security Program v5.1 | Media and Content Protection |
| 30 | NAIC Insurance Data Security Model Law (MDL-668) | Financial Compliance |
| 31 | NIST AI RMF AI 100-1 v1.0 | Information Security |
| 32 | NIST Privacy Framework v1.0 | Information Security |
| 33 | NIST 800-37 rev 2 | Information Security |
| 34 | NIST 800-39 | Information Security |
| 35 | NIST 800-53 rev4 | Information Security |
| 36 | NIST 800-53 rev4 (low) | Information Security |
| 37 | NIST 800-53 rev4 (moderate) | Information Security |
| 38 | NIST 800-53 rev4 (high) | Information Security |
| 39 | NIST 800-53 rev5 | Information Security |
| 40 | NIST 800-53B rev5 (privacy) | Information Security |
| 41 | NIST 800-53B rev5 (low) | Information Security |
| 42 | NIST 800-53B rev5 (moderate) | Information Security |
| 43 | NIST 800-53B rev5 (high) | Information Security |
| 44 | NIST 800-53 rev5 (NOC) | Information Security |
| 45 | NIST 800-63B (partial mapping) | Information Security |
| 46 | NIST 800-66 rev2 | Information Security |
| 47 | NIST 800-82 rev3 LOW OT Overlay | Information Security |
| 48 | NIST 800-82 rev3 MODERATE OT Overlay | Information Security |
| 49 | NIST 800-82 rev3 HIGH OT Overlay | Information Security |
| 50 | NIST 800-160 | Information Security |
| 51 | NIST 800-161 rev 1 | Information Security |
| 52 | NIST 800-161 rev 1 C-SCRM Baseline | Information Security |
| 53 | NIST 800-161 rev 1 Flow Down | Information Security |
| 54 | NIST 800-161 rev 1 Level 1 | Information Security |
| 55 | NIST 800-161 rev 1 Level 2 | Information Security |
| 56 | NIST 800-161 rev 1 Level 3 | Information Security |
| 57 | NIST 800-171 rev 2 | Information Security |
| 58 | NIST 800-171 rev 3 | Information Security |
| 59 | NIST 800-171A | Information Security |
| 60 | NIST 800-171A rev 3 | Information Security |
| 61 | NIST 800-172 | Information Security |
| 62 | NIST 800-207 | Information Security |
| 63 | NIST 800-218 v1.1 SSDF | Information Security |
| 64 | NIST CSF v1.1 | Information Security |
| 65 | NIST CSF v2.0 | Information Security |
| 66 | OWASP Top 10 v2021 | Application Security |
| 67 | PCIDSS v3.2 | Privacy |
| 68 | PCI DSS v4.0 | Privacy |
| 69 | PCI DSS v4.0 SAQ A | Privacy |
| 70 | PCI DSS v4.0 SAQ A-EP | Privacy |
| 71 | PCI DSS v4.0 SAQ B | Privacy |
| 72 | PCI DSS v4.0 SAQ B-IP | Privacy |
| 73 | PCI DSS v4.0 SAQ C | Privacy |
| 74 | PCI DSS v4.0 SAQ C-VT | Privacy |
| 75 | PCI DSS v4.0 SAQ D Merchant | Privacy |
| 76 | PCI DSS v4.0 SAQ D Service Provider | Privacy |
| 77 | PCI DSS v4.0 SAQ P2PE | Privacy |
| 78 | Shared Assessments SIG 2024 | Risk Management |
| 79 | SPARTA | Cybersecurity |
| 80 | SWIFT CSF v2023 | Financial Security |
| 81 | TISAX ISA v6 | Automotive Security |
| 82 | UL 2900-1 | IoT Security |
| 83 | UN R155 | Automotive Security |
| 84 | UN ECE WP.29 | Automotive Security |
| 85 | US C2M2 v2.1 | Automotive Security |
| 86 | US CERT RMM v1.2 | Risk Management |
| 87 | US CISA CPG v2022 | Cybersecurity |
| 88 | US CJIS Security Policy 5.9.3 | Criminal Justice Security |
| 89 | US CMMC 2.0 Level 1 | Cybersecurity |
| 90 | US CMMC 2.0 Level 2 | Cybersecurity |
| 91 | US CMMC 2.0 Level 3 | Cybersecurity |
| 92 | US CMMC 2.1 (draft) Level 1 | Cybersecurity |
| 93 | US CMMC 2.1 (draft) Level 2 | Cybersecurity |
| 94 | US CMMC 2.1 (draft) Level 3 | Cybersecurity |
| 95 | US CMS MARS-E v2.0 | Cybersecurity |
| 96 | US COPPA | Cybersecurity |
| 97 | US DoD Zero Trust Reference Architecture v2.0 | Cybersecurity |
| 98 | US DFARS Cybersecurity 252.204-70xx | Cybersecurity |
| 99 | US DHS CISA TIC 3.0 | Cybersecurity |
| 100 | US DHS ZTCF | Cybersecurity |
| 101 | US FACTA | Privacy |
| 102 | US FAR 52.204-21 | Compliance |
| 103 | US FAR 52.204-27 | Compliance |
| 104 | US FAR Section 889 | Compliance |
| 105 | US FDA 21 CFR Part 11 | Healthcare |
| 106 | US FedRAMP R4 | Cloud Security |
| 107 | US FedRAMP R4 (low) | Uncategorized |
| 108 | US FedRAMP R4 (moderate) | Uncategorized |
| 109 | US FedRAMP R4 (high) | Uncategorized |
| 110 | US FedRAMP R4 (LI-SaaS) | Uncategorized |
| 111 | US FedRAMP R5 | Uncategorized |
| 112 | US FedRAMP R5 (low) | Uncategorized |
| 113 | US FedRAMP R5 (moderate) | Uncategorized |
| 114 | US FedRAMP R5 (high) | Uncategorized |
| 115 | US FedRAMP R5 (LI-SaaS) | Uncategorized |
| 116 | US FERPA | Privacy |
| 117 | US FFIEC | Financial Security |
| 118 | US FINRA | Financial Security |
| 119 | US FTC Act | Privacy |
| 120 | US GLBA CFR 314 (Dec 2023) | Financial Security |
| 121 | US HIPAA | Health |
| 122 | HIPAA - HICP Small Practice | Health |
| 123 | HIPAA - HICP Medium Practice | Health |
| 124 | HIPAA - HICP Large Practice | Health |
| 125 | US IRS 1075 | Privacy |
| 126 | US ITAR Part 120 (limited) | Financial Security |
| 127 | US NERC CIP | Financial Security |
| 128 | US NISPOM | Financial Security |
| 129 | US NNPI (unclass) | Financial Security |
| 130 | US NSTC NSPM-33 | Financial Security |
| 131 | US Privacy Shield | Privacy |
| 132 | US SEC Cybersecurity Rule | Financial Security |
| 133 | US SOX | Financial Security |
| 134 | US SSA EIESR v8.0 | Financial Security |
| 135 | US StateRAMP Low Category 1 | Cloud Security |
| 136 | US StateRAMP Low+ Category 2 | Cloud Security |
| 137 | US StateRAMP Moderate Category 3 | Cloud Security |
| 138 | US TSA / DHS 1580/82-2022-01 | Cloud Security |
| 139 | US - AK PIPA | Privacy |
| 140 | US - CA SB327 | Privacy |
| 141 | US-CA CPRA (Nov 2022) | Privacy |
| 142 | US - CA SB1386 | Privacy |
| 143 | US - CO Colorado Privacy Act | Privacy |
| 144 | US - IL BIPA | Privacy |
| 145 | US - IL IPA | Privacy |
| 146 | US - IL PIPA | Privacy |
| 147 | US-MA 201 CMR 17.00 | Privacy |
| 148 | US - NV SB220 | Privacy |
| 149 | US - NY DFS 23 NYCRR500 2023 Amd 2 | Privacy |
| 150 | US - NY SHIELD Act S5575B | Financial Security |
| 151 | US - OR 646A | Privacy |
| 152 | US - SC Insurance Data Security Act | Financial Security |
| 153 | US - TN Tennessee Information Protection Act | Privacy |
| 154 | US - TX BC521 | Privacy |
| 155 | US-TX Cybersecurity Act | Cybersecurity |
| 156 | US-TX DIR Control Standards 2.0 | Cybersecurity |
| 157 | US-TX TX-RAMP Level 1 | Cloud Security |
| 158 | US-TX TX-RAMP Level 2 | Cloud Security |
| 159 | US-TX SB820 | Privacy |
| 160 | US-VA CDPA 2023 | Privacy |
| 161 | US-VT Act 171 of 2018 | Privacy |
| 162 | EMEA EU EBA GL/2019/04 | Privacy |
| 163 | EMEA EU DORA | Cybersecurity |
| 164 | EMEA EU ePrivacy (draft) | Privacy |
| 165 | EMEA EU GDPR | Privacy |
| 166 | EMEA EU NIS2 | Privacy |
| 167 | EMEA EU PSD2 | Privacy |
| 168 | EMEA EU EU-US Data Privacy Framework | Privacy |
| 169 | EMEA Austria | Privacy |
| 170 | EMEA Belgium | Privacy |
| 171 | EMEA Czech Republic | Privacy |
| 172 | EMEA Denmark | Privacy |
| 173 | EMEA Finland | Privacy |
| 174 | EMEA France | Privacy |
| 175 | EMEA Germany | Privacy |
| 176 | EMEA Germany Banking Supervisory Requirements for IT (BAIT) | Financial Security |
| 177 | EMEA Germany C5-2020 | Cybersecurity |
| 178 | EMEA Greece | Privacy |
| 179 | EMEA Hungary | Privacy |
| 180 | EMEA Ireland | Privacy |
| 181 | EMEA Israel CDMO v1.0 | Privacy |
| 182 | EMEA Israel | Privacy |
| 183 | EMEA Italy | Privacy |
| 184 | EMEA Kenya DPA 2019 | Privacy |
| 185 | EMEA Luxembourg | Privacy |
| 186 | EMEA Netherlands | Privacy |
| 187 | EMEA Nigeria DPR 2019 | Privacy |
| 188 | EMEA Norway | Privacy |
| 189 | EMEA Poland | Privacy |
| 190 | EMEA Portugal | Privacy |
| 191 | EMEA Qatar PDPPL | Privacy |
| 192 | EMEA Russia | Privacy |
| 193 | EMEA Saudi Arabia CSCC – 1: 2019 | Cybersecurity |
| 194 | EMEA Saudi Arabia SACS-002 | Cybersecurity |
| 195 | EMEA Saudi Arabia SAMA CSFv1.0 | Cybersecurity |
| 196 | EMEA Saudi Arabia ECC-12018 | Cybersecurity |
| 197 | EMEA Saudi Arabia OTCC-1 2022 | Cybersecurity |
| 198 | EMEA Serbia 87/2018 | Privacy |
| 199 | EMEA Slovak Republic | Privacy |
| 200 | EMEA South Africa | Privacy |
| 201 | EMEA Spain 1720/2007 | Privacy |
| 202 | EMEA Spain 311/2022 | Privacy |
| 203 | EMEA Spain CCN-STIC 825 | Cybersecurity |
| 204 | EMEA Sweden | Privacy |
| 205 | EMEA Switzerland | Privacy |
| 206 | EMEA Turkey | Privacy |
| 207 | EMEA UAE | Privacy |
| 208 | EMEA UK CAF v3.1 | Cybersecurity |
| 209 | EMEA UK CAP 1850 | Privacy |
| 210 | EMEA UK Cyber Essentials | Uncategorized |
| 211 | EMEA UK DPA | Privacy |
| 212 | EMEA UK GDPR | Privacy |
| 213 | APAC Australia Essential 8 | Cybersecurity |
| 214 | APAC Australia Privacy Act | Privacy |
| 215 | APAC Australian Privacy Principles | Privacy |
| 216 | APAC Australia ISM June 2024 | Cybersecurity |
| 217 | APAC Australia IoT Code of Practice | Cybersecurity |
| 218 | APAC Australia Prudential Standard CPS230 | Financial Security |
| 219 | APAC Australia Prudential Standard CPS234 | Financial Security |
| 220 | APAC China Cybersecurity Law | Cybersecurity |
| 221 | APAC China Data Security Law (DSL) | Cybersecurity |
| 222 | APAC China DNSIP | Cybersecurity |
| 223 | APAC China Privacy Law | Privacy |
| 224 | APAC Hong Kong | Privacy |
| 225 | APAC India ITR | Privacy |
| 226 | APAC Indonesia | Privacy |
| 227 | APAC Japan APPI | Privacy |
| 228 | APAC Japan ISMAP | Privacy |
| 229 | APAC Malaysia | Privacy |
| 230 | APAC New Zealand HISF 2022 | Cybersecurity |
| 231 | APAC New Zealand NZISM 3.6 | Cybersecurity |
| 232 | APAC New Zealand Privacy Act of 2020 | Privacy |
| 233 | APAC Philippines | Privacy |
| 234 | APAC Singapore | Privacy |
| 235 | APAC Singapore Cyber Hygiene Practice | Cybersecurity |
| 236 | APAC Singapore MAS TRM 2021 | Financial Security |
| 237 | APAC South Korea | Privacy |
| 238 | APAC Taiwan | Privacy |
| 239 | Americas Argentina | Privacy |
| 240 | Americas Argentina Reg 132-2018 | Privacy |
| 241 | Americas Bahamas | Privacy |
| 242 | Americas Bermuda BMACCC | Privacy |
| 243 | Americas Brazil LGPD | Privacy |
| 244 | Americas Canada CSAG | Cybersecurity |
| 245 | Americas Canada OSFI B-13 | Financial Security |
| 246 | Americas Canada PIPEDA | Privacy |
| 247 | Americas Chile | Privacy |
| 248 | Americas Colombia | Privacy |
| 249 | Americas Costa Rica | Privacy |
| 250 | Americas Mexico | Privacy |
| 251 | Americas Peru | Privacy |
| 252 | Americas Uruguay | Privacy |
| 253 | SCF-B Business Mergers & Acquisitions | Privacy |
| 254 | SCF-I Cyber Insurance Duty of Care | Privacy |
| 255 | SCF-E Embedded Technology | Privacy |
| 256 | SCF-M MSP/MSSP Secure Practices Baseline | Privacy |
| 257 | SCF-R Ransomware Protection | Privacy |
| 258 | SCF-Z Zero Trust Architecture (ZTA) | Privacy |
| 259 | Minimum Security Requirements MCR + DSR | Information Security |
| 260 | Identify Minimum Compliance Requirements (MCR) | Information Security |
| 261 | Identify Discretionary Security Requirements (DSR) | Information Security |
| 262 | Risk Threat Summary | Risk Management |
| 263 | Risk R-AC-1 | Risk Management |
| 264 | Risk R-AC-2 | Risk Management |
| 265 | Risk R-AC-3 | Risk Management |
| 266 | Risk R-AC-4 | Risk Management |
| 267 | Risk R-AM-1 | Risk Management |
| 268 | Risk R-AM-2 | Risk Management |
| 269 | Risk R-AM-3 | Risk Management |
| 270 | Risk R-BC-1 | Risk Management |
| 271 | Risk R-BC-2 | Risk Management |
| 272 | Risk R-BC-3 | Risk Management |
| 273 | Risk R-BC-4 | Risk Management |
| 274 | Risk R-BC-5 | Risk Management |
| 275 | Risk R-EX-1 | Risk Management |
| 276 | Risk R-EX-2 | Risk Management |
| 277 | Risk R-EX-3 | Risk Management |
| 278 | Risk R-EX-4 | Risk Management |
| 279 | Risk R-EX-5 | Risk Management |
| 280 | Risk R-EX-6 | Risk Management |
| 281 | Risk R-EX-7 | Risk Management |
| 282 | Risk R-GV-1 | Risk Management |
| 283 | Risk R-GV-2 | Risk Management |
| 284 | Risk R-GV-3 | Risk Management |
| 285 | Risk R-GV-4 | Risk Management |
| 286 | Risk R-GV-5 | Risk Management |
| 287 | Risk R-GV-6 | Risk Management |
| 288 | Risk R-GV-7 | Risk Management |
| 289 | Risk R-GV-8 | Risk Management |
| 290 | Risk R-IR-1 | Risk Management |
| 291 | Risk R-IR-2 | Risk Management |
| 292 | Risk R-IR-3 | Risk Management |
| 293 | Risk R-IR-4 | Risk Management |
| 294 | Risk R-SA-1 | Risk Management |
| 295 | Risk R-SA-2 | Risk Management |
| 296 | Risk R-SC-1 | Risk Management |
| 297 | Risk R-SC-2 | Risk Management |
| 298 | Risk R-SC-3 | Risk Management |
| 299 | Risk R-SC-4 | Risk Management |
| 300 | Risk R-SC-5 | Risk Management |
| 301 | Risk R-SC-6 | Risk Management |
| 302 | Control Threat Summary | Threat Management |
| 303 | Threat NT-1 | Threat Management |
| 304 | Threat NT-2 | Threat Management |
| 305 | Threat NT-3 | Threat Management |
| 306 | Threat NT-4 | Threat Management |
| 307 | Threat NT-5 | Threat Management |
| 308 | Threat NT-6 | Threat Management |
| 309 | Threat NT-7 | Threat Management |
| 310 | Threat NT-8 | Threat Management |
| 311 | Threat NT-9 | Threat Management |
| 312 | Threat NT-10 | Threat Management |
| 313 | Threat NT-11 | Threat Management |
| 314 | Threat NT-12 | Threat Management |
| 315 | Threat NT-13 | Threat Management |
| 316 | Threat NT-14 | Threat Management |
| 317 | Threat MT-1 | Threat Management |
| 318 | Threat MT-2 | Threat Management |
| 319 | Threat MT-3 | Threat Management |
| 320 | Threat MT-4 | Threat Management |
| 321 | Threat MT-5 | Threat Management |
| 322 | Threat MT-6 | Threat Management |
| 323 | Threat MT-7 | Threat Management |
| 324 | Threat MT-8 | Threat Management |
| 325 | Threat MT-9 | Threat Management |
| 326 | Threat MT-10 | Threat Management |
| 327 | Threat MT-11 | Threat Management |
| 328 | Threat MT-12 | Threat Management |
| 329 | Threat MT-13 | Threat Management |
| 330 | Threat MT-14 | Threat Management |
| 331 | Threat MT-15 | Threat Management |
| 332 | Threat MT-16 | Threat Management |
| 333 | Threat MT-17 | Threat Management |
| 334 | Threat MT-18 | Threat Management |
| 335 | Threat MT-19 | Threat Management |
| 336 | Threat MT-20 | Threat Management |
| 337 | Threat MT-21 | Threat Management |
| 338 | Threat MT-22 | Threat Management |
| 339 | Threat MT-23 | Threat Management |
| 340 | Errata 2024.3 | Uncategorized |
Explore the extensive list of supported frameworks for your compliance needs.
.gif)
Report Updates/Changes to Frameworks/Regulations
Submit Your Framework Request
We Provide Best GRC Services For Your Need
Enhancing security, efficiency, and regulatory adherence with tailored GRC strategies
Feeling overwhelmed by the audit process? Don’t worry! GRC³ is here to help. We seamlessly gather and verify all the necessary evidence from your systems, allowing you to save time and focus on what truly matters. Let us simplify your audit experience!
Integrations and automation are game-changers! They reduce repetitive tasks and simplify compliance, allowing you to save valuable time and resources. By automating workflows like evidence collection, you'll have more freedom to focus on what truly matters for your business's success!
Achieving compliance reduces the risk of breaches and security incidents by implementing controls and guidelines for protecting critical business information, incident response, risk management, and more.
Establish a centralized hub for all information! Stay organized with documents, renewal dates, and risk profiles, plus enjoy automated assessments for smart risk analysis.
Our insightful reporting will not only help you cut costs but also elegantly streamline your journey towards achieving compliance.
Compliance thrives on proactive monitoring and regular reviews for continuous improvement and growth!
Compliance shouldn’t slow you down. By automating compliance processes, you eliminate repetitive tasks, reduce errors, and free up resources to focus on strategic goals. Our solutions integrate seamlessly into your existing workflow, ensuring efficiency while maintaining compliance with industry standards.
Proactive risk management is key to business resilience. Identifying and addressing vulnerabilities before they escalate protects your organization from financial, legal, and reputational harm. With real-time risk assessment and continuous monitoring, you stay ahead of threats and regulatory changes.
Available Frameworks, Standards, Regulations, and Best Practices
ISO 27001
ISO 27001 is an information security management system (ISMS) that helps keep consumer data safe.
ISO 27002
ISO 27002 provides guidelines for applying ISO 27001 effectively and improving your information security practices.
PCI DSS
PCI DSS ensures secure handling of cardholder data by organizations to protect against data breaches and fraud.
GDPR
GDPR is a regulation in EU law on data protection and privacy in the European Union and the European Economic Area.
SOC 2
SOC 2 defines criteria for managing data based on: security, availability, processing integrity, confidentiality, and privacy.
NIST
NIST is the set of cybersecurity activities and desired outcomes common across any critical infrastructure sector.
HIPAA
HIPAA is a U.S. regulation that ensures the security and privacy of healthcare information, applicable to healthcare providers and related organizations.
FEDRAMP
FEDRAMP is a U.S. government framework for assessing and authorizing cloud service providers to ensure they meet strict security requirements.
CMMC
CMMC is a framework introduced by the U.S. Department of Defense to ensure cybersecurity practices in the defense supply chain.
COBIT
COBIT is a framework for IT governance and management, helping organizations align IT goals with business objectives while mitigating risks.
CIS Controls
CIS Controls are a prioritized set of cybersecurity best practices, helping organizations defend against common threats through actionable steps.
SOX (Sarbanes-Oxley Act)
SOX (Sarbanes-Oxley Act) is a U.S. law that focuses on financial data security and governance, with IT-related sections emphasizing the protection of electronic records.
All Supported Frameworks
Comprehensive and Customizable
Explore the extensive list of supported frameworks for your compliance needs.
Information Security
- ISO 27001Information Security Management System
- NISTNational Institute of Standards and Technology
- COBITControl Objectives for Information Technologies
- NIST SCFNIST Secure Controls Framework
- SOC 1System and Organization Controls 1
- TISAXTrusted Information Security Assessment Exchange
- SOC 2System and Organization Controls 2
- SOC 3System and Organization Controls 3
- NIST 800-53Security & Privacy Controls
- MSRMinimum Security Requirements = MCR + DSR
- CJISCriminal Justice Information Services Security Policy
- ISO 42001ISO 42001 Standards
- ISO 20000 ISO 2001 Standards
- ISO 27799 ISO 27799 Standards
- NIST AI 600-1 NIST Artificial Intelligence Framework
- NIST 800-171 Protecting Controlled Unclassified Information
- NIST SP 800-218A Secure Software Development Framework
- ISO/SAE 21434 v2021 ISO 21434 Standard
- ISO 22301 v2019ISO 22301 Standard
- ISO 27001 v2022ISO 2022
- ISO 42001 v2023ISO 42001 Standard
- NIST 800-37 rev 2NIST 800-37 Revised 2 Framework
- NIST 800-53 rev 5NIST 800-53 Revised 5 Framework
- NIST 800-82 rev 3 LOWNIST 800-82 Revised 3 Framework
Privacy
- CCPACalifornia Consumer Privacy Act
- CPRACalifornia Privacy Rights Act
- eIDASElectronic Identification and Trust Services
- FERPAFamily Educational Rights and Privacy Act
- GDPRGeneral Data Protection Regulation
- GLBAGramm-Leach-Bliley Act
- Guernsey DPLGuernsey Data Protection Law
- IRS 1075Internal Revenue Service Publication 1075
- IRS 4812IRS Safeguards for Taxpayer Information
- MARS-EMinimum Acceptable Risk Standards for Exchanges
- PCIDSS v3.2Payment Card Industry Data Security Standard v3.2
- PCIDSS v4.0Payment Card Industry Data Security Standard v4.0
- Mastercard TQMMastercard Terminal Quality Management
- PCI DSSPayment Card Industry Data Security Standard
- PCI DSS v4.0 SAQ A Payment Card Industry Data Security Standard
- PCI DSS v4.0 SAQ AE-P Payment Card Industry Data Security Standard
- PCI-P2PEPoint-to-Point Encryption Standard
- PCI-PINPIN Security Requirements
- PCI-POIPoint of Interaction Security Requirements
- PHIPA OntarioPersonal Health Information Protection Act
- PIPA AlbertaPersonal Information Protection Act (Alberta)
- PIPA BCPersonal Information Protection Act (British Columbia)
- PIPEDAPersonal Information Protection and Electronic Documents Act
- USA PATRIOT ActUniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act
Cybersecurity
- CIS ControlsCenter for Internet Security Controls
- Essential EightAustralian Cybersecurity Practices
- DORADigital Operational Resilience Act
- NCSC CAFNational Cyber Security Centre Cyber Assessment Framework
- CIS CSC v8.0CIS Critical Security Controls Version 8
- CIS CSC v8.0 IG1Implementation Group 1 for CIS Critical Security Controls v8.0
- CIS CSC v8.0 IG2Implementation Group 2 for CIS Critical Security Controls v8.0
- CIS CSC v8.0 IG3Implementation Group 3 for CIS Critical Security Controls v8.0
- ENISA v2.0European Union Agency for Cybersecurity Framework v2.0
- MITRE ATT&CK 10MITRE Adversarial Tactics, Techniques, and Common Knowledge Version 10
- SPARTASecurity & Privacy Assurance Research & Technology
- US CMMC 2.0 Level 1 Cybersecurity Maturity Framework
Health
- HIPAAHealth Insurance Portability and Accountability Act
- HITRUST CSFHITRUST Common Security Framework
- HITECH ActThe Health Information Technology for Economic and Clinical Health Act
- ICH GCPInternational Council for Harmonisation Good Clinical Practice
Financial
- GFSC Handbook Guernsey Financial Services Commission Handbook
- SOX Sarbane-Oxley-Act
Quality Management
- ISO 13485 ISO 13485 Standard
- ISO 9001 ISO 9001 Standard
Environmental Management
- ISO 14001 Environmental Management
BCP
- ISO 22301 Business Continuity Management Systems
- HITRUST CSF HITRUST Common Security Framework
Conformity Assessment
- ISO 14001 ISO 14001 Standard