Automated Compliance Across 60+ Frameworks

RegScale streamlines compliance and risk efforts by automating evidence collection, tests, and controls management across more than 60 frameworks and standards, including privacy standards, such as GDPR, ISO 27001, PCI DSS 4.0, CMMC, and FedRAMP. Save time and enable continuous controls monitoring of your compliance. 

Air Force Instruction 63-101/20-101

State statute intended to enhance privacy rights and consumer protection of personal data for residents of California.

INSPECTIONS

Australian ISM

Comprehensive guidelines published by the Australian Cyber Security Centre (ACSC) for protecting information and communication technology (ICT).

CYBER SECURITY

CCPA

State statute intended to enhance privacy rights and consumer protection of personal data for residents of California.

PRIVACY

CIS Benchmarks for AWS

v1.2

Security benchmarks for Amazon Web Services that provide consensus-based best practices for securing AWS environments.

CYBER SECURITY

CIS v8

Group 1, Group 2, Group 3

Cybersecurity best practices for organizations to defend against the most prevalent and dangerous threats.

CYBER SECURITY

CMS:ARS

v5.1

Defines the minimum security requirements for CMS information and information systems.

CYBER SECURITY

HEALTHCARE

CMS:MARS-E

v2.2

Standards to ensure that exchanges meet the minimum federal requirements for security and privacy.

CYBER SECURITY

HEALTHCARE

CISA CPG

Cross-sector cybersecurity performance goals designed to assist organizations in reducing risk and strengthening their cybersecurity posture.

CYBER SECURITY

CSA: CCM 4.0

v4.0, v3.0.1

A cybersecurity control framework for cloud providers and users that provides a detailed understanding of security concepts and principles.

CYBER SECURITY

COBIT 2019

v2019

A framework for developing, implementing, monitoring, and improving IT governance and management practices.

CYBER SECURITY

CJIS

v5.9.1

Standards for creating, viewing, modifying, transmitting, and destroying criminal justice information.

CYBER SECURITY

CRI: Cyber Profile

Tier 1, Tier 2, Tier 3, Tier 4

A model to help the financial sector evaluate and improve their cybersecurity capabilities and resilience.

CYBER SECURITY

FINANCIAL

C2M2

v2.1

A framework to improve cybersecurity capabilities within energy sector organizations and their supply chains.

CYBER SECURITY

DSS-ECP

A Defense Security Service plan for maintaining security of classified electronic communications.

CYBER SECURITY

DEFENSE

DHS 4300A Handbook

Provides specific techniques and procedures for implementing requirements of the DHS Information Security Program for DHS sensitive systems and systems that process sensitive information for DHS.

CYBER SECURITY

FFIEC CAT

A tool by FFIEC to help financial institutions appraise their cybersecurity risks and determine the maturity of their cybersecurity programs.

CYBER SECURITY

FINANCIAL

FedRAMP

Rev 4, Rev 5, Baselines High, Moderate, Low, LI-SaaS

Risk-based approach and requirements for modern cloud technologies to secure and protect federal information.

CYBER SECURITY

GDPR

European Union’s (EU) regulation enforcing data privacy and protection for individuals within the EU.

PRIVACY

HIPAA

Legislation protecting the privacy of individuals’ medical records and other personal health information.

CYBER SECURITY

HEALTHCARE

ISO/IEC 27001

v2022, v2013

Specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system.

CYBER SECURITY

ISO/IEC 27002

v2022, v2013

Provides techniques for control implementation within an information security management system.

CYBER SECURITY

ISO 9001

v2015

Sets criteria for a quality management system designed to help organizations ensure they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product or service.

QUALITY

MVSP

v2.0-20221012, v1.0-20211007

Outlines the minimum security requirements necessary for secure product development and deployment.

CYBER SECURITY

NIST CSF

v1.1

Provides a high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.

CYBER SECURITY

See what RegScale can streamline for you

Book a demo now for a quick walkthrough of how our continuous controls monitoring can solve your compliance, risk, and cybersecurity challenges. 

NIST CSF 2.0

v2.0

Provides a high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.

CYBER SECURITY

NIST Privacy

A tool for improving privacy practices through risk management.

PRIVACY

NIST 800-171

Rev2

Provides guidelines on protecting controlled unclassified information in nonfederal systems and organizations.

CYBER SECURITY

NIST 800-218

v1.1

Provides a core set of high-level secure software development practices for integration into software development lifecycle (SDLC) implementation.

CYBER SECURITY

PRODUCT DEVELOPMENT

NIST 800-53 Rev 4 – DoD with CCIs

Rev4

The Department of Defense’s adaptation of NIST SP 800-53 Rev 4 with Control Correlation Identifiers for easier mapping to other frameworks.

CYBER SECURITY

NIST 800-53

Rev 4, Rev 5

Provides a flexible framework of security and privacy controls to defend information systems against wide-ranging threats, ensuring their reliability and trustworthiness.

CYBER SECURITY

NIST 800-82

Rev 2, Rev 3

Guidelines on securing industrial control systems and other operational technology.

CYBER SECURITY

23 NYCRR 500

v1.2

Cybersecurity requirements for financial services companies.

CYBER SECURITY

FINANCIAL

NIST AI RMF

Guidelines to incorporate trustworthiness considerations into the design, development, use, and evaluation of artificial intelligence (AI) products, services, and systems.

ARTIFICIAL INTELLIGENCE

RISK MANAGEMENT

NERC CIP

Requirements to secure the assets required for operating North America’s bulk electric system.

CYBER SECURITY

ENERGY/UTILITIES

OMB M-22-09

A memorandum providing a roadmap for Federal agencies to adopt Zero Trust cybersecurity principles.

CYBER SECURITY

OWASP ASVS

v4.0.3

The Open Web Application Security Project’s Application Security Verification Standard, a framework for securing web applications.

CYBER SECURITY

PCI DSS

v4.0, v3.2.1

Provides updated and robust security measures for all companies that accept, process, store, or transmit credit card information.

CYBER SECURITY

SOX

Regulation requiring U.S. publicly traded companies to assess and report on internal controls over financial reporting.

FINANCIAL

SCF

A comprehensive catalog of cybersecurity and data privacy controls designed to enable companies to design, build and maintain secure processes, systems, and applications.

CYBER SECURITY

PRIVACY

SOC 2

v2020.3

Standards for service providers to securely manage and protect the interests and privacy of their customers’ data.

CYBER SECURITY

StateRAMP

Rev 4, Rev 5, Baselines High, Moderate, Low, LI-SaaS

Risk-based approach and requirements that establish security standards for cloud service providers (CSPs) that work with state and local governments.

CYBER SECURITY

TIC icon

TIC

v3.0

Guides federal agencies in securing their network architecture, especially for cloud environments.

CYBER SECURITY

Ready to fast track your compliance? Let us show you how it’s done

Hey, we know reading can only get you so far. That’s why we’d like to give you a quick, live walk-through of RegScale, to show you exactly what we can do for your organization.