Why do double, triple, or 25x the work when automation makes it easy? Let ControlMap apply matching evidence to multiple top frameworks:
- SOC 2
- ISO 27001
- NIST CSF
Integrations
Collect evidence and keep it updated without manual checks. Automatically gather and sort the details you need from 40+ integrations including:
- Amazon Web Services (AWS)
- Microsoft 365
- Google Workspace, Cloud, and Drive
- Salesforce
Get to know your clients’ compliance status with this Q&A assessment. You’ll get a single view (and report) to see the status of several key frameworks, including:
- ISO-27001 (2018)
- NIST CSF
- CMMC 2.0
- CIS Controls v8
- HIPAA
Skip starting from scratch. Access 50+ pre-made policies, procedures, and governance documents. What sort of policies?
- Onboarding and offboarding checklists
- Laptop and endpoint compliance
- Track MFA for high-risk systems
- Vulnerability management policy
Developed by The American Institute of Certified Public Accountants (AICPA), SOC 2 helps organizations safeguard customer data.
It includes five Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy.
ISO 27001 is the internationally recognized standard for implementing and managing an Information Security Management System (ISMS). Not to be confused with ISO 27701, ISO 27017, or ISO 27018.
This standard is used to pass an audit, guaranteeing that a business’s security protocols are up-to-date.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal standard specifically for protected health information (PHI).
Regulated by the Office for Civil Rights, HIPAA outlines the permissible use and disclosure of PHI in the USA as set forth by HHS guidelines.
Working in the EU? You need to know about GDPR. With 99 distinct articles, this set of data protection regulations is one of the world’s most comprehensive frameworks.
It’s designed to give people full control over information associated with them by limiting how organizations can use personal data.
The CIS Critical Security Controls (CIS Controls) are a globally implemented set of best practices used to boost an organization’s cybersecurity.
They’re continually updated as these controls prioritize and simplify the steps needed for a strong cybersecurity defense.
Updated in 2024, the National Institute of Standards and Technology (NIST) Cybersecurity 2.0 Framework is a comprehensive — yet flexible — set of standards, guidelines, and best practices.
It is meant to be implemented alongside existing security processes in any industry.
The U.S. Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) was introduced to ensure that all defense contractors use security protocols to protect sensitive defense information.
Companies responsible for handling Controlled Unclassified Information (CUI) or Federal Contract Information (FCI) must meet the CMMC requirements to remain compliant.
The FTC Safeguards Rule ensures that entities covered by the Rule maintain safeguards to protect customer information.
It applies to financial institutions subject to the FTC’s jurisdiction that aren’t subject to the enforcement authority of another regulator under section 505 of the Gramm-Leach-Bliley Act, 15 U.S.C. § 6805.
Reviews
There are no reviews yet.