Automated Compliance Across 60+ Frameworks
RegScale streamlines compliance and risk efforts by automating evidence collection, tests, and controls management across more than 60 frameworks and standards, including privacy standards, such as GDPR, ISO 27001, PCI DSS 4.0, CMMC, and FedRAMP. Save time and enable continuous controls monitoring of your compliance.
Air Force Instruction 63-101/20-101
State statute intended to enhance privacy rights and consumer protection of personal data for residents of California.
INSPECTIONS
Australian ISM
Comprehensive guidelines published by the Australian Cyber Security Centre (ACSC) for protecting information and communication technology (ICT).
CYBER SECURITY
CCPA
State statute intended to enhance privacy rights and consumer protection of personal data for residents of California.
PRIVACY
CIS Benchmarks for AWS
v1.2
Security benchmarks for Amazon Web Services that provide consensus-based best practices for securing AWS environments.
CYBER SECURITY
CIS v8
Group 1, Group 2, Group 3
Cybersecurity best practices for organizations to defend against the most prevalent and dangerous threats.
CYBER SECURITY
CMS:ARS
v5.1
Defines the minimum security requirements for CMS information and information systems.
CYBER SECURITY
HEALTHCARE
CMS:MARS-E
v2.2
Standards to ensure that exchanges meet the minimum federal requirements for security and privacy.
CYBER SECURITY
HEALTHCARE
CISA CPG
Cross-sector cybersecurity performance goals designed to assist organizations in reducing risk and strengthening their cybersecurity posture.
CYBER SECURITY
CSA: CCM 4.0
v4.0, v3.0.1
A cybersecurity control framework for cloud providers and users that provides a detailed understanding of security concepts and principles.
CYBER SECURITY
COBIT 2019
v2019
A framework for developing, implementing, monitoring, and improving IT governance and management practices.
CYBER SECURITY
CJIS
v5.9.1
Standards for creating, viewing, modifying, transmitting, and destroying criminal justice information.
CYBER SECURITY
CRI: Cyber Profile
Tier 1, Tier 2, Tier 3, Tier 4
A model to help the financial sector evaluate and improve their cybersecurity capabilities and resilience.
CYBER SECURITY
FINANCIAL
C2M2
v2.1
A framework to improve cybersecurity capabilities within energy sector organizations and their supply chains.
CYBER SECURITY
DSS-ECP
A Defense Security Service plan for maintaining security of classified electronic communications.
CYBER SECURITY
DEFENSE
DHS 4300A Handbook
Provides specific techniques and procedures for implementing requirements of the DHS Information Security Program for DHS sensitive systems and systems that process sensitive information for DHS.
CYBER SECURITY
FFIEC CAT
A tool by FFIEC to help financial institutions appraise their cybersecurity risks and determine the maturity of their cybersecurity programs.
CYBER SECURITY
FINANCIAL
FedRAMP
Rev 4, Rev 5, Baselines High, Moderate, Low, LI-SaaS
Risk-based approach and requirements for modern cloud technologies to secure and protect federal information.
CYBER SECURITY
GDPR
European Union’s (EU) regulation enforcing data privacy and protection for individuals within the EU.
PRIVACY
HIPAA
Legislation protecting the privacy of individuals’ medical records and other personal health information.
CYBER SECURITY
HEALTHCARE
ISO/IEC 27001
v2022, v2013
Specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system.
CYBER SECURITY
ISO/IEC 27002
v2022, v2013
Provides techniques for control implementation within an information security management system.
CYBER SECURITY
ISO 9001
v2015
Sets criteria for a quality management system designed to help organizations ensure they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product or service.
QUALITY
MVSP
v2.0-20221012, v1.0-20211007
Outlines the minimum security requirements necessary for a secure product development and deployment.
CYBER SECURITY
NIST CSF
v1.1
Provides a high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.
CYBER SECURITY
NIST CSF 2.0
v2.0
Provides a high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.
CYBER SECURITY
NIST Privacy
A tool for improving privacy practices through risk management.
PRIVACY
NIST 800-171
Rev2
Provides guidelines on protecting controlled unclassified information in nonfederal systems and organizations.
CYBER SECURITY
NIST 800-218
v1.1
Provides a core set of high-level secure software development practices for integration into software development lifecycle (SDLC) implementation.
CYBER SECURITY
PRODUCT DEVELOPMENT
NIST 800-53 Rev 4 – DoD with CCIs
Rev4
The Department of Defense’s adaptation of NIST SP 800-53 Rev 4 with Control Correlation Identifiers for easier mapping to other frameworks.
CYBER SECURITY
NIST 800-53
Rev 4, Rev 5
Provides a flexible framework of security and privacy controls to defend information systems against wide-ranging threats, ensuring their reliability and trustworthiness.
CYBER SECURITY
NIST 800-82
Rev 2, Rev 3
Guidelines on securing industrial control systems and other operational technology.
CYBER SECURITY
23 NYCRR 500
v1.2
Cybersecurity requirements for financial services companies.
CYBER SECURITY
FINANCIAL
NIST AI RMF
Guidelines to incorporate trustworthiness considerations into the design, development, use, and evaluation of artificial intelligence (AI) products, services, and systems.
ARTIFICIAL INTELLIGENCE
RISK MANAGEMENT
NERC CIP
Requirements to secure the assets required for operating North America’s bulk electric system.
CYBER SECURITY
ENERGY/UTILITIES
OMB M-22-09
A memorandum providing a roadmap for Federal agencies to adopt Zero Trust cybersecurity principles.
CYBER SECURITY
OWASP ASVS
v.4.0.3
The Open Web Application Security Project’s Application Security Verification Standard, a framework for securing web applications.
CYBER SECURITY
PCI DSS
v4.0, v3.2.1
Provides updated and robust security measures for all companies that accept, process, store, or transmit credit card information.
CYBER SECURITY
SOX
Regulation requiring U.S. publicly traded companies to assess and report on internal controls over financial reporting.
FINANCIAL
SCF
A comprehensive catalog of cybersecurity and data privacy controls designed to enable companies to design, build and maintain secure processes, systems, and applications.
CYBER SECURITY
PRIVACY
SOC 2
v2020.3
Standards for service providers to securely manage and protect the interests and privacy of their customers’ data.
CYBER SECURITY
StateRAMP
Rev 4, Rev 5, Baselines High, Moderate, Low, LI-SaaS
Risk-based approach and requirements that establish security standards for cloud service providers (CSPs) that work with state and local governments.
CYBER SECURITY
TIC
v3.0
Guides federal agencies in securing their network architecture, especially for cloud environments.
CYBER SECURITY
Ready to fast track your compliance? Let us show you how it’s done
Hey, we know reading can only get you so far. That’s why we’d like to give you a quick, live walk-through of RegScale, to show you exactly what we can do for your organization.