Policy-to-Control Mapping

Map your policies across 9 compliance frameworks with cross-framework overlap analysis.

Select Compliance Frameworks

Choose the frameworks you need to comply with. Select multiple to see cross-framework overlaps.

Cybersecurity Framework — Govern, Identify, Protect, Detect, Respond, Recover

GV/ID/PR/DE/RS/RC

Information Security Management — Annex A controls (A.5–A.8)

A.5–A.8

Trust Services Criteria — CC1 through CC9 + availability, PI, confidentiality

CC1–CC9

Payment Card Industry — 12 requirements for cardholder data protection

Req 1–12

Digital Operational Resilience Act — ICT risk management for financial entities

Art 5–15

Network and Information Security — cybersecurity obligations for essential/important entities

Art 21

Health Insurance Portability — Privacy, Security, and Breach Notification Rules

§164.xxx

AI System regulation — risk-based requirements (Art 6–52)

Art 6–52

General Data Protection Regulation — data protection by design (Art 5–49)

Art 5–49