Security | Centraleyes

Standards

Manage multiple regulatory compliance frameworks
and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.

Secure Controls Framework (SCF)

May 30, 2022

FFIEC

June 14, 2021

PCI DSS

June 14, 2021

GDPR

June 14, 2021

SOC 2 Type II

June 14, 2021

NY SHIELD Act

June 14, 2021

OWASP ASVS

June 14, 2021

ISO 27001

June 14, 2021

CIS Controls

June 14, 2021

ISO 27701

June 14, 2021

NIST CSF

May 18, 2021

best-incident-response

9 Best Tools for Cybersecurity Incident Response

February 6, 2025

Achieving the Perfect Balance: Security, Privacy, and Transparency in the Digital Age

Achieving the Perfect Balance: Security, Privacy, and Transparency in the Digital Age

February 3, 2025

How to Meet CMMC Level 2 Requirements

How to Meet CMMC Level 2 Requirements

January 27, 2025

All Standards | Security

EASA Part IS

What is EASA? EASA stands for the European Union Aviation Safety Agency. It is a regulatory body established by the European Union to ensure a high and uniform level of…

IATA Cyber Regulations

The International Air Transport Association (IATA) Cyber Security Regulations represent a set of guidelines and standards aimed at enhancing cybersecurity resilience within the aviation industry. These regulations are critical for…

Essential Eight

What is the Essential Eight? The Essential Eight is a cybersecurity framework developed by the Australian Cyber Security Centre (ACSC) to help organizations mitigate cyber threats. It comprises eight critical…

NIST CSF 2.0 Critical

What is NIST CSF 2.0 Critical? NIST CSF CRITICAL is a custom cybersecurity framework designed to streamline and enhance the implementation of the NIST Cybersecurity Framework (CSF) by utilizing the…

CJIS v5.9.5

What is CJIS (v5.9.5)? The Criminal Justice Information Services (CJIS) Security Policy v5.9.5 is a comprehensive security framework established by the Federal Bureau of Investigation (FBI). It sets standards for…

OT Cybersecurity Framework

What is the OT Cybersecurity Framework? The OT Cybersecurity Framework or OT CSF is a foundational Operational Technology (OT) risk framework that covers all aspects of the OT environment. OT…

Centraleyes Privacy Framework (CPF)

What is the CPF? The Centraleyes Privacy Framework (CPF) is a comprehensive compliance tool designed to help organizations adhere to the diverse privacy regulations that are individual to each state…

AI Governance

What is the Centraleyes AI Governance Framework? The AI Governance assessment, created by the Analyst Team at Centraleyes, is designed to fill a critical gap for organizations that use pre-made…

ISO 42001

What is ISO 42001 (AI)? Artificial intelligence (AI) has emerged as a transformative technology, imbuing machines with human-like intelligence to perform tasks across various domains. However, with its exponential growth…

NIST AI RMF

What is NIST AI RMF? As artificial intelligence gains traction and becomes increasingly more popular, it is critical to understand the risks that apply to companies who are creating AI…

DORA EU

What is DORA (EU)? The DORA Regulation (No. 2022/2554), known as the Digital Operational Resilience Act, is an important EU law about cybersecurity for financial institutions like banks or credit…

ESG Risk

What is ESG Risk? ESG risk refers to the potential negative impacts on a company’s performance and reputation arising from environmental, social, and governance factors. It encompasses a wide range…

Business Email Compromise

What is the Business Email Compromise? Business Email Compromise (BEC) is a type of cyber attack in which criminals target businesses or organizations by using email to trick employees into…

Health Industry Cybersecurity Practices (HICP)

What is HICP? The Health Industry Cybersecurity Practices: Handling Risks and Safeguarding Patients article was created as a result of the Cybersecurity Act of 2015, which brought together more than…

NIST 7621

What is NIST 7621? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all federal agencies. The…

Secure Controls Framework (SCF)

What is Secure Controls Framework (SCF)? The Secure Controls Framework is a comprehensive list of controls created to empower businesses in the designing, building and maintenance stages of creating safe…

Cyber Resilience Review (CRR)

What is Cyber Resilience Review (CRR) The Cyber Resilience Review (CRR) assessment is a tool that measures a company’s cyber resilience. An organization can examine its capabilities against v1.1 of…

ISO 27002

What is ISO/IEC 27002? ISO/IEC 27002 is part of the ISO 27000 family of standards that were created to keep companies and organizations safe. ISO 27002 provides organizational guidance on…

OWASP SAMM

What is OWASP SAMM? SAMM (Software Assurance Maturity Model) is an OWASP framework designed to assist organizations in assessing, formulating, and implementing a software security plan that may be included…

Insider Threat Mitigation

What is Insider Threat Mitigation? In September 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) published the Insider Risk Mitigation Self-Assessment Tool (IRMPE). The IRMPE is a tool that…

Ransomware Readiness Assessment

What is the Ransomware Readiness Assessment? The Ransomware Readiness Assessment (RRA) was released by the US Cybersecurity and Infrastructure Security Agency (CISA) in June 2021 as the latest addition to…

FINRA

What is FINRA? FINRA, the Financial Industry Regulatory Authority, is a non-profit self regulatory organization that ensures the integrity of the market, allowing investors and firms to participate with confidence.…

OWASP MASVS

What is OWASP MASVS? The Open Web Application Security Project (OWASP) is a non-profit international organization dedicated to improving the security of web applications. All of OWASP’s resources are freely…

NIST 800-82

What is the NIST SP 800-82 framework? The National Institute of Standards and Technology (NIST) Special Publication 800-82 offers detailed assistance regarding how to protect Industrial Control Systems (ICS), that…

NIST 800-207 (Zero Trust)

What is the Zero Trust Model? Zero trust is a growing security model that is based on the principle of enforcing strict access controls. The Zero Trust concept focuses on…

HECVAT

What is HECVAT? The Higher Education Community Vendor Assessment Toolkit (HECVAT) is a risk assessment template that was created in 2016 specifically for higher education institutions to assess vendor risk.…

NIST SP 800-53

What is NIST 800-53? NIST 800-53 is a comprehensive set of guidelines developed by the National Institute of Standards and Technology (NIST) aimed at helping organizations manage and protect their…

COSO

What is the COSO Framework? The Committee of Sponsoring Organizations of the Treadway Commission (COSO), a voluntary private-sector initiative, was established in 1985 to improve business performance and governance through…

NIST 800-46

What is the NIST SP 800-46 framework? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all…

COBIT 5

What is COBIT 5? COBIT is an IT management framework created by ISACA (Information Systems Audit and Control Association), which helps organizations achieve their goals for governance and management of…