The international standard for Information Security Management Systems (ISMS). Requires policies, risk treatment, and Annex A controls.
93 controls · 4 themes · 2022 revision
ComplyIT365 ships with pre-mapped controls for the most demanded frameworks worldwide. Add your own frameworks, controls, and mappings — no code, no consultants.
The international standard for Information Security Management Systems (ISMS). Requires policies, risk treatment, and Annex A controls.
93 controls · 4 themes · 2022 revision
Trust Services Criteria audit developed by the AICPA. Security, Availability, Confidentiality, Integrity, and Privacy.
5 TSCs · Type I / Type II reporting
US Health Insurance Portability & Accountability Act. Security Rule for electronic Protected Health Information (ePHI).
Administrative · Physical · Technical safeguards
Payment Card Industry Data Security Standard for organisations handling cardholder data.
12 requirements · 4.0 released 2022
EU General Data Protection Regulation. Rights of the data subject, DPO, DPIA, cross-border transfer rules.
99 articles · 72-hour breach notification
US National Institute of Standards & Technology Cybersecurity Framework. Identify, Protect, Detect, Respond, Recover.
6 functions · 2.0 released 2024
India's Digital Personal Data Protection Act. Consent, purpose limitation, data principal rights.
Passed 2023 · Enforcement 2025+
Monetary Authority of Singapore Technology Risk Management guidelines for financial institutions.
13 chapters · Cyber, ITSM, DR
Bring your internal control library. Import via CSV or JSON. Map it to any framework in the platform.
Talk to a compliance engineer