What we offer

The Largest Framework Library on the Market

Our extensive risk management and compliance framework library of over 300+ frameworks

All Frameworks ISO27001 SOC2 GDPR NIST PCI-DSS CMMC HIPAA FEDRAMP HITRUST

Looking for the Framework you need to implement

Available Frameworks Family

Comprehensive and Customizable

Sr No	Framework Name	Category
1	AICPA TSC 2017 (with 2022 revised POF)	Privacy
2	BSI Standard 200-1	Information Security
3	CIS CSC v8.0	Cybersecurity
4	CIS CSC v8.0 IG1	Cybersecurity
5	CIS CSC v8.0 IG2	Cybersecurity
6	CIS CSC v8.0 IG3	Cybersecurity
7	COBIT 2019	Information Security
8	COSO v2017	Risk Management
9	CSA CCM v4	Cloud Security
10	CSA IoT SCF v2	Information Security
11	ENISA v2.0	Cybersecurity
12	GAPP	Privacy
13	IEC TR 60601-4-5 v2021	Healthcare
14	IEC 62443-4-2	Industrial Control Systems Security
15	ISO/SAE 21434 v2021	Information Security
16	ISO 22301 v2019	Information Security
17	ISO 27001 v2013	Information Security
18	ISO 27001 v2022	Information Security
19	ISO 27002 v2013	Information Security
20	ISO 27002 v2022	Information Security
21	ISO 27017 v2015	Information Security
22	ISO 27018 v2014	Information Security
23	ISO 27701 v2019	Information Security
24	ISO 29100 v2011	Information Security
25	ISO 31000 v2009	Information Security
26	ISO 31010 v2009	Information Security
27	ISO 42001 v2023	Information Security
28	MITRE ATT&CK 10	Cybersecurity
29	MPA Content Security Program v5.1	Media and Content Protection
30	NAIC Insurance Data Security Model Law (MDL-668)	Financial Compliance
31	NIST AI RMF AI 100-1 v1.0	Information Security
32	NIST Privacy Framework v1.0	Information Security
33	NIST 800-37 rev 2	Information Security
34	NIST 800-39	Information Security
35	NIST 800-53 rev4	Information Security
36	NIST 800-53 rev4 (low)	Information Security
37	NIST 800-53 rev4 (moderate)	Information Security
38	NIST 800-53 rev4 (high)	Information Security
39	NIST 800-53 rev5	Information Security
40	NIST 800-53B rev5 (privacy)	Information Security
41	NIST 800-53B rev5 (low)	Information Security
42	NIST 800-53B rev5 (moderate)	Information Security
43	NIST 800-53B rev5 (high)	Information Security
44	NIST 800-53 rev5 (NOC)	Information Security
45	NIST 800-63B (partial mapping)	Information Security
46	NIST 800-66 rev2	Information Security
47	NIST 800-82 rev3 LOW OT Overlay	Information Security
48	NIST 800-82 rev3 MODERATE OT Overlay	Information Security
49	NIST 800-82 rev3 HIGH OT Overlay	Information Security
50	NIST 800-160	Information Security
51	NIST 800-161 rev 1	Information Security
52	NIST 800-161 rev 1 C-SCRM Baseline	Information Security
53	NIST 800-161 rev 1 Flow Down	Information Security
54	NIST 800-161 rev 1 Level 1	Information Security
55	NIST 800-161 rev 1 Level 2	Information Security
56	NIST 800-161 rev 1 Level 3	Information Security
57	NIST 800-171 rev 2	Information Security
58	NIST 800-171 rev 3	Information Security
59	NIST 800-171A	Information Security
60	NIST 800-171A rev 3	Information Security
61	NIST 800-172	Information Security
62	NIST 800-207	Information Security
63	NIST 800-218 v1.1 SSDF	Information Security
64	NIST CSF v1.1	Information Security
65	NIST CSF v2.0	Information Security
66	OWASP Top 10 v2021	Application Security
67	PCIDSS v3.2	Privacy
68	PCI DSS v4.0	Privacy
69	PCI DSS v4.0 SAQ A	Privacy
70	PCI DSS v4.0 SAQ A-EP	Privacy
71	PCI DSS v4.0 SAQ B	Privacy
72	PCI DSS v4.0 SAQ B-IP	Privacy
73	PCI DSS v4.0 SAQ C	Privacy
74	PCI DSS v4.0 SAQ C-VT	Privacy
75	PCI DSS v4.0 SAQ D Merchant	Privacy
76	PCI DSS v4.0 SAQ D Service Provider	Privacy
77	PCI DSS v4.0 SAQ P2PE	Privacy
78	Shared Assessments SIG 2024	Risk Management
79	SPARTA	Cybersecurity
80	SWIFT CSF v2023	Financial Security
81	TISAX ISA v6	Automotive Security
82	UL 2900-1	IoT Security
83	UN R155	Automotive Security
84	UN ECE WP.29	Automotive Security
85	US C2M2 v2.1	Automotive Security
86	US CERT RMM v1.2	Risk Management
87	US CISA CPG v2022	Cybersecurity
88	US CJIS Security Policy 5.9.3	Criminal Justice Security
89	US CMMC 2.0 Level 1	Cybersecurity
90	US CMMC 2.0 Level 2	Cybersecurity
91	US CMMC 2.0 Level 3	Cybersecurity
92	US CMMC 2.1 (draft) Level 1	Cybersecurity
93	US CMMC 2.1 (draft) Level 2	Cybersecurity
94	US CMMC 2.1 (draft) Level 3	Cybersecurity
95	US CMS MARS-E v2.0	Cybersecurity
96	US COPPA	Cybersecurity
97	US DoD Zero Trust Reference Architecture v2.0	Cybersecurity
98	US DFARS Cybersecurity 252.204-70xx	Cybersecurity
99	US DHS CISA TIC 3.0	Cybersecurity
100	US DHS ZTCF	Cybersecurity
101	US FACTA	Privacy
102	US FAR 52.204-21	Compliance
103	US FAR 52.204-27	Compliance
104	US FAR Section 889	Compliance
105	US FDA 21 CFR Part 11	Healthcare
106	US FedRAMP R4	Cloud Security
107	US FedRAMP R4 (low)	Uncategorized
108	US FedRAMP R4 (moderate)	Uncategorized
109	US FedRAMP R4 (high)	Uncategorized
110	US FedRAMP R4 (LI-SaaS)	Uncategorized
111	US FedRAMP R5	Uncategorized
112	US FedRAMP R5 (low)	Uncategorized
113	US FedRAMP R5 (moderate)	Uncategorized
114	US FedRAMP R5 (high)	Uncategorized
115	US FedRAMP R5 (LI-SaaS)	Uncategorized
116	US FERPA	Privacy
117	US FFIEC	Financial Security
118	US FINRA	Financial Security
119	US FTC Act	Privacy
120	US GLBA CFR 314 (Dec 2023)	Financial Security
121	US HIPAA	Health
122	HIPAA - HICP Small Practice	Health
123	HIPAA - HICP Medium Practice	Health
124	HIPAA - HICP Large Practice	Health
125	US IRS 1075	Privacy
126	US ITAR Part 120 (limited)	Financial Security
127	US NERC CIP	Financial Security
128	US NISPOM	Financial Security
129	US NNPI (unclass)	Financial Security
130	US NSTC NSPM-33	Financial Security
131	US Privacy Shield	Privacy
132	US SEC Cybersecurity Rule	Financial Security
133	US SOX	Financial Security
134	US SSA EIESR v8.0	Financial Security
135	US StateRAMP Low Category 1	Cloud Security
136	US StateRAMP Low+ Category 2	Cloud Security
137	US StateRAMP Moderate Category 3	Cloud Security
138	US TSA / DHS 1580/82-2022-01	Cloud Security
139	US - AK PIPA	Privacy
140	US - CA SB327	Privacy
141	US-CA CPRA (Nov 2022)	Privacy
142	US - CA SB1386	Privacy
143	US - CO Colorado Privacy Act	Privacy
144	US - IL BIPA	Privacy
145	US - IL IPA	Privacy
146	US - IL PIPA	Privacy
147	US-MA 201 CMR 17.00	Privacy
148	US - NV SB220	Privacy
149	US - NY DFS 23 NYCRR500 2023 Amd 2	Privacy
150	US - NY SHIELD Act S5575B	Financial Security
151	US - OR 646A	Privacy
152	US - SC Insurance Data Security Act	Financial Security
153	US - TN Tennessee Information Protection Act	Privacy
154	US - TX BC521	Privacy
155	US-TX Cybersecurity Act	Cybersecurity
156	US-TX DIR Control Standards 2.0	Cybersecurity
157	US-TX TX-RAMP Level 1	Cloud Security
158	US-TX TX-RAMP Level 2	Cloud Security
159	US-TX SB820	Privacy
160	US-VA CDPA 2023	Privacy
161	US-VT Act 171 of 2018	Privacy
162	EMEA EU EBA GL/2019/04	Privacy
163	EMEA EU DORA	Cybersecurity
164	EMEA EU ePrivacy (draft)	Privacy
165	EMEA EU GDPR	Privacy
166	EMEA EU NIS2	Privacy
167	EMEA EU PSD2	Privacy
168	EMEA EU EU-US Data Privacy Framework	Privacy
169	EMEA Austria	Privacy
170	EMEA Belgium	Privacy
171	EMEA Czech Republic	Privacy
172	EMEA Denmark	Privacy
173	EMEA Finland	Privacy
174	EMEA France	Privacy
175	EMEA Germany	Privacy
176	EMEA Germany Banking Supervisory Requirements for IT (BAIT)	Financial Security
177	EMEA Germany C5-2020	Cybersecurity
178	EMEA Greece	Privacy
179	EMEA Hungary	Privacy
180	EMEA Ireland	Privacy
181	EMEA Israel CDMO v1.0	Privacy
182	EMEA Israel	Privacy
183	EMEA Italy	Privacy
184	EMEA Kenya DPA 2019	Privacy
185	EMEA Luxembourg	Privacy
186	EMEA Netherlands	Privacy
187	EMEA Nigeria DPR 2019	Privacy
188	EMEA Norway	Privacy
189	EMEA Poland	Privacy
190	EMEA Portugal	Privacy
191	EMEA Qatar PDPPL	Privacy
192	EMEA Russia	Privacy
193	EMEA Saudi Arabia CSCC – 1: 2019	Cybersecurity
194	EMEA Saudi Arabia SACS-002	Cybersecurity
195	EMEA Saudi Arabia SAMA CSFv1.0	Cybersecurity
196	EMEA Saudi Arabia ECC-12018	Cybersecurity
197	EMEA Saudi Arabia OTCC-1 2022	Cybersecurity
198	EMEA Serbia 87/2018	Privacy
199	EMEA Slovak Republic	Privacy
200	EMEA South Africa	Privacy
201	EMEA Spain 1720/2007	Privacy
202	EMEA Spain 311/2022	Privacy
203	EMEA Spain CCN-STIC 825	Cybersecurity
204	EMEA Sweden	Privacy
205	EMEA Switzerland	Privacy
206	EMEA Turkey	Privacy
207	EMEA UAE	Privacy
208	EMEA UK CAF v3.1	Cybersecurity
209	EMEA UK CAP 1850	Privacy
210	EMEA UK Cyber Essentials	Uncategorized
211	EMEA UK DPA	Privacy
212	EMEA UK GDPR	Privacy
213	APAC Australia Essential 8	Cybersecurity
214	APAC Australia Privacy Act	Privacy
215	APAC Australian Privacy Principles	Privacy
216	APAC Australia ISM June 2024	Cybersecurity
217	APAC Australia IoT Code of Practice	Cybersecurity
218	APAC Australia Prudential Standard CPS230	Financial Security
219	APAC Australia Prudential Standard CPS234	Financial Security
220	APAC China Cybersecurity Law	Cybersecurity
221	APAC China Data Security Law (DSL)	Cybersecurity
222	APAC China DNSIP	Cybersecurity
223	APAC China Privacy Law	Privacy
224	APAC Hong Kong	Privacy
225	APAC India ITR	Privacy
226	APAC Indonesia	Privacy
227	APAC Japan APPI	Privacy
228	APAC Japan ISMAP	Privacy
229	APAC Malaysia	Privacy
230	APAC New Zealand HISF 2022	Cybersecurity
231	APAC New Zealand NZISM 3.6	Cybersecurity
232	APAC New Zealand Privacy Act of 2020	Privacy
233	APAC Philippines	Privacy
234	APAC Singapore	Privacy
235	APAC Singapore Cyber Hygiene Practice	Cybersecurity
236	APAC Singapore MAS TRM 2021	Financial Security
237	APAC South Korea	Privacy
238	APAC Taiwan	Privacy
239	Americas Argentina	Privacy
240	Americas Argentina Reg 132-2018	Privacy
241	Americas Bahamas	Privacy
242	Americas Bermuda BMACCC	Privacy
243	Americas Brazil LGPD	Privacy
244	Americas Canada CSAG	Cybersecurity
245	Americas Canada OSFI B-13	Financial Security
246	Americas Canada PIPEDA	Privacy
247	Americas Chile	Privacy
248	Americas Colombia	Privacy
249	Americas Costa Rica	Privacy
250	Americas Mexico	Privacy
251	Americas Peru	Privacy
252	Americas Uruguay	Privacy
253	SCF-B Business Mergers & Acquisitions	Privacy
254	SCF-I Cyber Insurance Duty of Care	Privacy
255	SCF-E Embedded Technology	Privacy
256	SCF-M MSP/MSSP Secure Practices Baseline	Privacy
257	SCF-R Ransomware Protection	Privacy
258	SCF-Z Zero Trust Architecture (ZTA)	Privacy
259	Minimum Security Requirements MCR + DSR	Information Security
260	Identify Minimum Compliance Requirements (MCR)	Information Security
261	Identify Discretionary Security Requirements (DSR)	Information Security
262	Risk Threat Summary	Risk Management
263	Risk R-AC-1	Risk Management
264	Risk R-AC-2	Risk Management
265	Risk R-AC-3	Risk Management
266	Risk R-AC-4	Risk Management
267	Risk R-AM-1	Risk Management
268	Risk R-AM-2	Risk Management
269	Risk R-AM-3	Risk Management
270	Risk R-BC-1	Risk Management
271	Risk R-BC-2	Risk Management
272	Risk R-BC-3	Risk Management
273	Risk R-BC-4	Risk Management
274	Risk R-BC-5	Risk Management
275	Risk R-EX-1	Risk Management
276	Risk R-EX-2	Risk Management
277	Risk R-EX-3	Risk Management
278	Risk R-EX-4	Risk Management
279	Risk R-EX-5	Risk Management
280	Risk R-EX-6	Risk Management
281	Risk R-EX-7	Risk Management
282	Risk R-GV-1	Risk Management
283	Risk R-GV-2	Risk Management
284	Risk R-GV-3	Risk Management
285	Risk R-GV-4	Risk Management
286	Risk R-GV-5	Risk Management
287	Risk R-GV-6	Risk Management
288	Risk R-GV-7	Risk Management
289	Risk R-GV-8	Risk Management
290	Risk R-IR-1	Risk Management
291	Risk R-IR-2	Risk Management
292	Risk R-IR-3	Risk Management
293	Risk R-IR-4	Risk Management
294	Risk R-SA-1	Risk Management
295	Risk R-SA-2	Risk Management
296	Risk R-SC-1	Risk Management
297	Risk R-SC-2	Risk Management
298	Risk R-SC-3	Risk Management
299	Risk R-SC-4	Risk Management
300	Risk R-SC-5	Risk Management
301	Risk R-SC-6	Risk Management
302	Control Threat Summary	Threat Management
303	Threat NT-1	Threat Management
304	Threat NT-2	Threat Management
305	Threat NT-3	Threat Management
306	Threat NT-4	Threat Management
307	Threat NT-5	Threat Management
308	Threat NT-6	Threat Management
309	Threat NT-7	Threat Management
310	Threat NT-8	Threat Management
311	Threat NT-9	Threat Management
312	Threat NT-10	Threat Management
313	Threat NT-11	Threat Management
314	Threat NT-12	Threat Management
315	Threat NT-13	Threat Management
316	Threat NT-14	Threat Management
317	Threat MT-1	Threat Management
318	Threat MT-2	Threat Management
319	Threat MT-3	Threat Management
320	Threat MT-4	Threat Management
321	Threat MT-5	Threat Management
322	Threat MT-6	Threat Management
323	Threat MT-7	Threat Management
324	Threat MT-8	Threat Management
325	Threat MT-9	Threat Management
326	Threat MT-10	Threat Management
327	Threat MT-11	Threat Management
328	Threat MT-12	Threat Management
329	Threat MT-13	Threat Management
330	Threat MT-14	Threat Management
331	Threat MT-15	Threat Management
332	Threat MT-16	Threat Management
333	Threat MT-17	Threat Management
334	Threat MT-18	Threat Management
335	Threat MT-19	Threat Management
336	Threat MT-20	Threat Management
337	Threat MT-21	Threat Management
338	Threat MT-22	Threat Management
339	Threat MT-23	Threat Management
340	Errata 2024.3	Uncategorized

Explore the extensive list of supported frameworks for your compliance needs.

Report Updates/Changes to Frameworks/Regulations

Submit Framework Request

We Provide Best GRC Services For Your Need

Enhancing security, efficiency, and regulatory adherence with tailored GRC strategies

1Evidence Collection Without Any Downtime

GRC³ seamlessly gathers and verifies all the necessary evidence from your systems.

2Reduce Work by 70%

Integrations and automation reduce repetitive tasks and simplify compliance.

3Protect Your Business

Achieving compliance reduces the risk of breaches and security incidents.

4Centralized source of information

Establish a centralized hub for all information! Stay organized.

5Comprehensive Reporting

Our insightful reporting will help you cut costs and streamline your journey.

6Proactive Monitoring

Compliance thrives on proactive monitoring and regular reviews.

7Automate Compliance & Reduce Manual Effort

Compliance shouldn't slow you down. Automate processes to eliminate tasks.

8Mitigate Risks Before They Impact Your Business

Proactive risk management is key to business resilience.

Available Frameworks, Standards, Regulations, and Best Practices

ISO 27001

ISO 27002

PCI DSS

GDPR

SOC 2

NIST

HIPAA

FEDRAMP

CMMC

COBIT

CIS Controls

SOX (Sarbanes-Oxley Act)

All Supported FrameworksComprehensive and Customizable

Explore the extensive list of supported frameworks for your compliance needs.

Information Security

ISO 27001Information Security Management System
NISTNational Institute of Standards and Technology
COBITControl Objectives for Information Technologies
NIST SCFNIST Secure Controls Framework
SOC 1System and Organization Controls 1
TISAXTrusted Information Security Assessment Exchange
SOC 2System and Organization Controls 2
SOC 3System and Organization Controls 3
NIST 800-53Security & Privacy Controls
MSRMinimum Security Requirements = MCR + DSR
CJISCriminal Justice Information Services Security Policy
ISO 42001ISO 42001 Standards

ISO 20000ISO 2001 Standards
ISO 27799ISO 27799 Standards
NIST AI 600-1NIST Artificial Intelligence Framework
NIST 800-171Protecting Controlled Unclassified Information
NIST SP 800-218ASecure Software Development Framework
ISO/SAE 21434 v2021ISO 21434 Standard
ISO 22301 v2019ISO 22301 Standard
ISO 27001 v2022ISO 2022
ISO 42001 v2023ISO 42001 Standard
NIST 800-37 rev 2NIST 800-37 Revised 2 Framework
NIST 800-53 rev 5NIST 800-53 Revised 5 Framework
NIST 800-82 rev 3 LOWNIST 800-82 Revised 3 Framework

Privacy

CCPACalifornia Consumer Privacy Act
CPRACalifornia Privacy Rights Act
eIDASElectronic Identification and Trust Services
FERPAFamily Educational Rights and Privacy Act
GDPRGeneral Data Protection Regulation
GLBAGramm-Leach-Bliley Act
Guernsey DPLGuernsey Data Protection Law
IRS 1075Internal Revenue Service Publication 1075
IRS 4812IRS Safeguards for Taxpayer Information
MARS-EMinimum Acceptable Risk Standards for Exchanges
PCIDSS v3.2Payment Card Industry Data Security Standard v3.2
PCIDSS v4.0Payment Card Industry Data Security Standard v4.0

Mastercard TQMMastercard Terminal Quality Management
PCI DSSPayment Card Industry Data Security Standard
PCI DSS v4.0 SAQ APayment Card Industry Data Security Standard
PCI DSS v4.0 SAQ AE-PPayment Card Industry Data Security Standard
PCI-P2PEPoint-to-Point Encryption Standard
PCI-PINPIN Security Requirements
PCI-POIPoint of Interaction Security Requirements
PHIPA OntarioPersonal Health Information Protection Act
PIPA AlbertaPersonal Information Protection Act (Alberta)
PIPA BCPersonal Information Protection Act (British Columbia)
PIPEDAPersonal Information Protection and Electronic Documents Act
USA PATRIOT ActUniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act

Cybersecurity

CIS ControlsCenter for Internet Security Controls
Essential EightAustralian Cybersecurity Practices
DORADigital Operational Resilience Act
NCSC CAFNational Cyber Security Centre Cyber Assessment Framework
CIS CSC v8.0CIS Critical Security Controls Version 8
CIS CSC v8.0 IG1Implementation Group 1 for CIS Critical Security Controls v8.0
CIS CSC v8.0 IG2Implementation Group 2 for CIS Critical Security Controls v8.0
CIS CSC v8.0 IG3Implementation Group 3 for CIS Critical Security Controls v8.0
ENISA v2.0European Union Agency for Cybersecurity Framework v2.0
MITRE ATT&CK 10MITRE Adversarial Tactics, Techniques, and Common Knowledge Version 10
SPARTASecurity & Privacy Assurance Research & Technology
US CMMC 2.0 Level 1Cybersecurity Maturity Framework

Health

HIPAAHealth Insurance Portability and Accountability Act
HITRUST CSFHITRUST Common Security Framework
HITECH ActThe Health Information Technology for Economic and Clinical Health Act
ICH GCPInternational Council for Harmonisation Good Clinical Practice

Financial

GFSC HandbookGuernsey Financial Services Commission Handbook
SOXSarbane-Oxley-Act

Quality Management

ISO 13485ISO 13485 Standard
ISO 9001ISO 9001 Standard

Environmental Management

ISO 14001Environmental Management

BCP

ISO 22301Business Continuity Management Systems
HITRUST CSFHITRUST Common Security Framework

Conformity Assessment

ISO 14001ISO 14001 Standard