Standards

Manage multiple regulatory compliance frameworks
and standards in one platform

Centraleyes enables cyber risk teams to create and define frameworks to fit their specific needs, or to choose from dozens of pre-populated, integrated risk and compliance frameworks. By mapping the controls that frameworks share, Centraleyes lets evidence collected once satisfy several frameworks at the same time, making the compliance process faster and largely automated.


Florida Digital Bill of Rights (FDBR)

What is the Florida Digital Bill of Rights (FDBR)? The Florida Digital Bill of Rights (FDBR) is a comprehensive state data privacy law that takes effect on July 1, 2024.…

Nevada Privacy Act

What is the Nevada Privacy Act? The Nevada Privacy Act (NPA), also referred to as NRS 603A, is a state-specific data privacy framework aimed at enhancing the protection of personal…

Iowa Consumer Data Protection Act (ICDPA)

What is the Iowa Consumer Data Protection Act (ICDPA)? The Iowa Consumer Data Protection Act (ICDPA) is a data privacy law set to take effect on January 1, 2025. This…

ISO 42001

What is ISO/IEC 42001 (AI)? Artificial intelligence (AI) has emerged as a transformative technology, enabling machines to perform, across many domains, tasks that previously required human judgment. However, with its exponential growth…

NIS2

What is NIS2? NIS2 is an EU directive that strengthens cybersecurity across the Union. To enhance Europe's resilience against existing and emerging cyber threats, the NIS2 Directive introduces new requirements and obligations for organizations…

CJIS

What is the CJIS framework? The CJIS (Criminal Justice Information Services) framework is a comprehensive set of security policies and guidelines established by the Federal Bureau of Investigation (FBI) in…

HITECH Act

What is the HITECH Act? The Health Information Technology for Economic and Clinical Health (HITECH) Act is a U.S. federal law that was enacted in 2009 as part of the…

CPRA

What is the CPRA? The California Privacy Rights Act (CPRA) is a California state data privacy law that governs how businesses anywhere in the world that meet its thresholds may handle California residents' personal information (PI). The CPRA went…

IRS Publication 1345

What is IRS Publication 1345? The IRS publishes guidance documents relating to tax administration. Publication 1345 is the Handbook for Authorized IRS e-file Providers of Individual Income Tax Returns, and it sets out the rules and…

ESG

What is ESG? ESG compliance drives a company to operate with conscious regard for its environmental impact, for social issues, and for how the organization is governed. It is also used…

Cyber Essentials (UK)

What is Cyber Essentials (UK)? Cyber Essentials is a UK government-backed certification scheme created to help organizations of all sizes protect themselves against a wide range of common cyber attacks.…

ISO 27002

What is ISO/IEC 27002? ISO/IEC 27002 is part of the ISO 27000 family of information security management standards. ISO 27002 provides organizational guidance on…

UAE IA

What is the UAE IA Regulation? The UAE's Telecommunications Regulatory Authority (TRA) released the Information Assurance (IA) Regulation V1.1 in March 2020 to establish a minimum baseline for safeguarding the…

ISO 22301

What is the ISO 22301 standard? ISO 22301 is an international standard for Business Continuity Management. It offers a step-by-step guide to establishing and maintaining an efficient business continuity management…

CMMC

What is the CMMC Standard? The CMMC certification methodology was developed by the U.S. Department of Defense (DoD) to verify that contractors have safeguards in place to protect sensitive data such…

FFIEC

What is the FFIEC Compliance Framework? The Federal Financial Institutions Examination Council (FFIEC) is a formal interagency body made up of five federal financial regulators that are in charge of the…

HIPAA

What is HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a collection of regulations that govern the lawful use and disclosure of protected health information (PHI).…

NIST 800-82

What is the NIST SP 800-82 framework? National Institute of Standards and Technology (NIST) Special Publication 800-82 provides detailed guidance on securing Industrial Control Systems (ICS) that…

PCI DSS

What is PCI DSS? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure the protection of cardholder data and secure payment…

SOX

What is the Sarbanes-Oxley Act? The Sarbanes-Oxley Act (SOX) is a U.S. federal law signed on July 30, 2002. For compliance, all publicly traded companies are expected to implement and…

NERC CIP

What is NERC CIP compliance? The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority for North America's bulk power system, whose mission is to reduce the risks to the reliability and security of the grid. This is…

NYDFS

What is the NYDFS Cybersecurity Regulation? The New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR 500) is a set of rules issued by the New York Department…

SOC 2 Type II

What is SOC 2 Type II compliance? SOC 2 (System and Organization Controls 2) is an auditing framework developed by the American Institute of CPAs (AICPA). Its primary purpose is…

NIST 800-171

What is NIST 800-171? The National Institute of Standards and Technology (NIST) is a non-regulatory agency of the U.S. Department of Commerce, responsible for conducting research and establishing standards across…

NIST SP 800-53

What is NIST 800-53? NIST 800-53 is a comprehensive set of guidelines developed by the National Institute of Standards and Technology (NIST) aimed at helping organizations manage and protect their…

ISA/IEC 62443

What is the ISA/IEC 62443 framework? The International Society of Automation (ISA) and the International Electrotechnical Commission (IEC) joined forces to develop the 62443 series. ISA/IEC 62443 is a non-regulatory…

PSD2

What is PSD2? The Payment Services Directive (PSD) of 2007 was replaced by the Revised Payment Services Directive (PSD2), adopted in 2015. PSD2 is a European Union (EU) Directive, administered by…

FedRAMP

What is FedRAMP? The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide framework that created a standardized process for assessing, authorizing and continuously monitoring cloud services security.…

ISO 27001

What is ISO/IEC 27001? ISO/IEC 27001 is a member of the ISO 27000 family of standards. The ISO 27001 standard is internationally accepted as a specification for an Information Security…

GLBA

What is the GLBA? The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Modernization Act of 1999, is a United States federal law that requires the protection…

Get our full list of supported standards and frameworks
