List of Mandates
We support the following mandates for report generation.
-
ISO/IEC 27001:2013
-
Cloud Controls Matrix (CCM)
-
NERC Critical Infrastructure Protection (CIP)
-
Health Insurance Portability and Accountability (HIPAA) Security Rule 45 CFR Parts 160/164, Subparts A/C:1996
-
ANSSI 40 Essential Measures for a Healthy Network
-
Reserve Bank of India (RBI) - Baseline Cyber Security and Resilience Requirements (Annex 1)
-
NESA UAE Information Assurance Standards (IAS)
-
APRA Prudential Practice Guide (PPG): CPG 234 - Management of Security Risk in Information and Information Technology
-
IRDAI Guidelines On Information and Cyber Security for Insurers
-
General Data Protection Regulation (GDPR)
-
Minimum Acceptable Risk Standards for Exchanges (MARS-E)
-
NCSC Basic Cyber Security Controls (BCSC)
-
IRS Publication 1075
-
Sarbanes-Oxley Act: IT Security
-
Monetary Authority of Singapore (MAS) - Notice 834: Cyber Hygiene Practices
-
NIST Special Publication 800-171
-
CIS Controls Version 8
-
Criminal Justice Information Services (CJIS) Security Policy
-
Cybersecurity Maturity Model Certification (CMMC) Level 1
-
Cybersecurity Maturity Model Certification (CMMC) Level 2
-
Cybersecurity Maturity Model Certification (CMMC) Level 4
-
Cybersecurity Maturity Model Certification (CMMC) Level 5
-
Cybersecurity Maturity Model Certification (CMMC) Level 3
-
Payment Card Industry Data Security Standard (PCI-DSS) v3.2.1
-
SWIFT Customer Security Controls Framework - Customer Security Programme v2021
-
NIST 800-53 (Special Publication)
-
New Zealand Information Security Manual (NZISM)
-
2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy
-
Australian Signals Directorate - Essential Eight Maturity Model
-
US Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 1
-
US Cybersecurity Maturity Model Certification (CMMC) 2.0 Level 2
-
Technology Risk Management (TRM) Guidelines
-
Payment Card Industry Data Security Standard (PCI-DSS) v4.0
-
Federal Risk and Authorization Management Program (FedRAMP H) - High Security Baseline
-
Federal Risk and Authorization Management Program (FedRAMP LI-SaaS) - LI-SaaS Security Baseline
-
Federal Risk and Authorization Management Program (FedRAMP M) - Moderate Security Baseline
-
Federal Risk and Authorization Management Program (FedRAMP L) - Low Security Baseline
-
ISO/IEC 27001:2022
-
The NIST Cybersecurity Framework (CSF)