See it in Action

Standards

Manage multiple regulatory compliance frameworks
and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.

Full List of Standards
  • Recent Frameworks

All Standards | Security

Security

NIST AI RMF?

What is NIST AI RMF? As artificial intelligence gains traction and becomes increasingly more popular, it is critical to understand the risks that apply to companies who are creating AI…
More...
Security

DORA EU

What is DORA (EU)? The DORA Regulation (No. 2022/2554), known as the Digital Operational Resilience Act, is an important EU law about cybersecurity for financial institutions like banks or credit…
More...
Security

ESG Risk 

What is ESG Risk? ESG risk refers to the potential negative impacts on a company’s performance and reputation arising from environmental, social, and governance factors. It encompasses a wide range…
More...
Security

Business Email Compromise

What is the Business Email Compromise? Business Email Compromise (BEC) is a type of cyber attack in which criminals target businesses or organizations by using email to trick employees into…
More...
Security

Health Industry Cybersecurity Practices (HICP)

What is HICP? The Health Industry Cybersecurity Practices: Handling Risks and Safeguarding Patients article was created as a result of the Cybersecurity Act of 2015, which brought together more than…
More...
Security

NIST 7621

What is NIST 7621? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all federal agencies. The…
More...
Security

Secure Controls Framework (SCF)

What is Secure Controls Framework (SCF)? The Secure Controls Framework is a comprehensive list of controls created to empower businesses in the designing, building and maintenance stages of creating safe…
More...
Security

Cyber Resilience Review (CRR)

What is Cyber Resilience Review (CRR) The Cyber Resilience Review (CRR) assessment is a tool that measures a company’s cyber resilience. An organization can examine its capabilities against v1.1 of…
More...
Security

ISO 27002

What is ISO/IEC 27002? ISO/IEC 27002 is part of the ISO 27000 family of standards that were created to keep companies and organizations safe. ISO 27002 provides organizational guidance on…
More...
Security

OWASP SAMM

What is OWASP SAMM? SAMM (Software Assurance Maturity Model) is an OWASP framework designed to assist organizations in assessing, formulating, and implementing a software security plan that may be included…
More...
Security

Insider Threat Mitigation

What is Insider Threat Mitigation? In September 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) published the Insider Risk Mitigation Self-Assessment Tool (IRMPE). The IRMPE is a tool that…
More...
Security

Ransomware Readiness Assessment

What is the Ransomware Readiness Assessment? The Ransomware Readiness Assessment (RRA) was released by the US Cybersecurity and Infrastructure Security Agency (CISA) in June 2021 as the latest addition to…
More...
Security

FINRA

What is FINRA? FINRA, the Financial Industry Regulatory Authority, is a non-profit self regulatory organization that ensures the integrity of the market, allowing investors and firms to participate with confidence.…
More...
Security

OWASP MASVS

What is OWASP MASVS? The Open Web Application Security Project (OWASP) is a non-profit international organization dedicated to improving the security of web applications. All of OWASP’s resources are freely…
More...
Security

NIST 800-82

What is the NIST SP 800-82 framework? The National Institute of Standards and Technology (NIST) Special Publication 800-82 offers detailed assistance regarding how to protect Industrial Control Systems (ICS), that…
More...
Security

NIST 800-207 (Zero Trust)

What is the Zero Trust Model? Zero trust is a growing security model that is based on the principle of enforcing strict access controls. The Zero Trust concept focuses on…
More...
Security

HECVAT

What is HECVAT? The Higher Education Community Vendor Assessment Toolkit (HECVAT) is a risk assessment template that was created in 2016 specifically for higher education institutions to assess vendor risk.…
More...
Security

NIST SP 800-53

What is the NIST SP 800-53 framework? NIST SP 800-53 was created to provide federal agencies with standards and guidelines for protecting and managing their information security systems, as well…
More...
Security

COSO

What is the COSO Framework? The Committee of Sponsoring Organizations of the Treadway Commission (COSO), a voluntary private-sector initiative, was established in 1985 to improve business performance and governance through…
More...
Security

NIST 800-46

What is the NIST SP 800-46 framework? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all…
More...
Security

COBIT 5

What is COBIT 5? COBIT is an IT management framework created by ISACA (Information Systems Audit and Control Association), which helps organizations achieve their goals for governance and management of…
More...
Security

ICDM

What is the ICDM Framework? The Israeli Cyber Defense Methodology (ICDM), also known as The Corporate Defense Methodology is part of the National Defense Concept, which includes a variety of…
More...
Security

OWASP ASVS

What is the OWASP ASVS? The Open Web Application Security Project (OWASP), is a non-profit international organization dedicated to improving the security of web applications. All of OWASP’s resources are…
More...
Security

MITRE ATT&CK

What is the MITRE ATT&CK Framework? MITRE ATT&CK is a framework that organizes and categorizes the different approaches, strategies and procedures utilized by threat actors in the digital environment, assisting…
More...
Security

ISO 27001

What is ISO/IEC 27001? ISO/IEC 27001 is a member of the ISO 27000 family of standards. The ISO 27001 standard is internationally accepted as a specification for an Information Security…
More...
Security

CIS Controls

What are the CIS Controls? The CIS Critical Security Controls (CSC) are published by the Center for Internet Security (CIS) to assist organizations in better defending against well-known threats by…
More...
Security

CSA

What is the CSA? The Cloud Security Alliance (CSA) is an organization committed to securing cloud computing environments by sharing best practices and raising awareness of the risks involved. CSA…
More...
Security

NIST CSF

What is the NIST CSF? The NIST Cybersecurity Framework, also known as the NIST CSF, enhances Critical Infrastructure Cybersecurity by providing a mechanism for evaluating and enhancing the capacity of…
More...

Get our full list of supported standards and frameworks

500 7th Avenue New York, NY 10018

Contact Us

PLATFORM

USE CASES

STANDARDS

INDUSTRIES

PARTNERS

RESOURCES

ABOUT

GUIDES

© Copyright 2023 by Centraleyes Tech Ltd | Privacy Policy

Sign up for our Centraleyes
Intelligence Report

500 7th Avenue New York, NY 10018

Contact Us

PLATFORM

STANDARDS

INDUSTRIES

USE CASES

ABOUT

RESOURCES

GUIDES

PARTNERS

© Copyright 2023 by Centraleyes Tech Ltd |  Privacy Policy
Watch
Demo
Partner Login

Try the Centraleyes
Risk & Compliance

Free for 30 Days

Skip to content