Standards

Manage multiple regulatory compliance frameworks and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.


HECVAT 4.0

What is HECVAT 4.0? HECVAT 4.0 (Higher Education Community Vendor Assessment Toolkit) is a standardized framework designed to help higher education institutions evaluate the cybersecurity, privacy, and compliance practices of…

Information Security Manual (ISM)

What is the Information Security Manual (ISM)? The Information Security Manual (ISM) is a cybersecurity framework developed by the Australian Signals Directorate (ASD) to help organizations protect their IT and…

What is the New Jersey Privacy Act?

The New Jersey Privacy Act (NJDPA) is state-level legislation designed to safeguard the personal information of New Jersey residents and provide them with enhanced rights over their data. The…

What is the IDPA?

The Indiana Data Protection Act (IDPA) is a state-level privacy law designed to protect the personal data of Indiana residents. Modeled after similar data protection laws across the United States,…

What is the Rhode Island Privacy and Security Act (RIDPA)?

The Rhode Island Privacy and Security Act (RIDPA) is a state privacy law aimed at safeguarding the personal information of Rhode Island residents. Enacted to address the growing risks of…

What is the MNDPA?

The Minnesota Data Privacy and Security Act (MNDPA) is a comprehensive state-level privacy law designed to protect the personal information of Minnesota residents. Enacted to address growing concerns over data…

Texas Data Privacy and Security Act (TDPSA)

What is the Texas Data Privacy and Security Act? The Texas Data Privacy and Security Act (TDPSA) is a state law designed to protect the privacy and security of Texas…

Oregon Consumer Privacy Act (OCPA)

What is the Oregon Consumer Privacy Act? The Oregon Consumer Privacy Act (OCPA) is a state privacy law that sets guidelines for how businesses should collect, use, and protect the…

Nebraska Data Privacy Act (NDPA)

What is the Nebraska Data Privacy Act? The Nebraska Data Privacy Act (NDPA) is a state-level privacy law designed to protect Nebraska residents’ personal information and ensure that businesses operating…

SWIFT

What is the SWIFT CSP? The SWIFT Customer Security Program (CSP) is an initiative by SWIFT aimed at enhancing the security of its global financial messaging network and protecting the…

CJIS v5.9.5

What is CJIS (v5.9.5)? The Criminal Justice Information Services (CJIS) Security Policy v5.9.5 is a comprehensive security framework established by the Federal Bureau of Investigation (FBI). It sets standards for…

Florida Digital Bill of Rights (FDBR)

What is the Florida Digital Bill of Rights (FDBR)? The Florida Digital Bill of Rights (FDBR) is a comprehensive data privacy law that will take effect on July 1, 2024.…

Nevada Privacy Act

What is the Nevada Privacy Act? The Nevada Privacy Act (NPA), also referred to as NRS 603A, is a state-specific data privacy framework aimed at enhancing the protection of personal…

Iowa Consumer Data Protection Act (ICDPA)

What is the Iowa Consumer Data Protection Act (ICDPA)? The Iowa Consumer Data Protection Act (ICDPA) is a data privacy law set to take effect on January 1, 2025. This…

ISO 42001

What is ISO 42001 (AI)? Artificial intelligence (AI) has emerged as a transformative technology, imbuing machines with human-like intelligence to perform tasks across various domains. However, with its exponential growth…

NIS2

What is NIS2? NIS2 is a high-level directive that strengthens cybersecurity. To enhance Europe’s resilience against existing and emerging cyber threats, the NIS2 Directive introduces new requirements and obligations for organizations…

HITECH Act

What is the HITECH Act? The Health Information Technology for Economic and Clinical Health (HITECH) Act is a U.S. federal law that was enacted in 2009 as part of the…

What is the CPRA Act?

The California Privacy Rights Act (CPRA) is a state-wide data privacy law that governs how businesses all over the world may handle California residents’ personal information (PI). The CPRA went…

IRS publication 1345

What is IRS p1345? The IRS publishes guidance documents in relation to taxes. This handbook is for Authorized IRS e-file Providers of Individual Income Tax Returns, and provides rules and…

ESG

What is ESG? ESG compliance drives a company to operate with conscious regard towards the environment, social issues and the ideal way to govern their organization. It is also used…

Cyber Essentials (UK)

What is Cyber Essentials (UK)? Cyber Essentials is a government-backed scheme that was created to help organizations of all sizes protect themselves from a wide range of common cyber attacks.…

ISO 27002

What is ISO/IEC 27002? ISO/IEC 27002 is part of the ISO 27000 family of standards that were created to keep companies and organizations safe. ISO 27002 provides organizational guidance on…

UAE IA

What is the UAE IA Regulation? The UAE’s Telecommunications Regulatory Authority (TRA) released the Information Assurance (IA) Regulation V1.1 in March 2020, to establish minimum baseline parameters for safeguarding the…

ISO 22301

What is the ISO 22301 standard? ISO 22301 is an international standard for Business Continuity Management. It offers a step-by-step guide to establishing and maintaining an efficient business continuity management…

CMMC

What is the CMMC Standard? The CMMC certification methodology was developed by the Department of Defense (DoD) to ensure that contractors have safeguards in place to secure sensitive data, such…

FFIEC

What is the FFIEC Compliance Framework? The Federal Financial Institutions Inspection Council (FFIEC) is a structured interagency body made up of five banking regulators who are in charge of the…

HIPAA

What is HIPAA? The Health Insurance Portability and Transparency Act of 1996 (HIPAA) is a collection of regulations that ensure the lawful use and disclosure of protected health information (PHI).…

NIST 800-82

What is the NIST SP 800-82 framework? The National Institute of Standards and Technology (NIST) Special Publication 800-82 offers detailed assistance regarding how to protect Industrial Control Systems (ICS), that…

PCI DSS

What is PCI DSS? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure the protection of cardholder data and secure payment…

SOX

What is the Sarbanes-Oxley Act? The Sarbanes-Oxley Act (SOX) is a regulation that was signed into law on July 30, 2002. For compliance, all institutional investors are expected to install and…
