Standards

Manage multiple regulatory compliance frameworks
and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process

Security

Secure Controls Framework (SCF)

What is Secure Controls Framework (SCF)? The Secure Controls Framework is a comprehensive list of controls created to empower businesses in the designing, building and maintenance stages of creating safe…

OWASP ASVS

What is the OWASP ASVS? The Open Web Application Security Project (OWASP), is a non-profit international organization dedicated to improving the security of web applications. All of OWASP’s resources are…

CIS Controls

What are the CIS Controls? The CIS Critical Security Controls (CSC) are published by the Center for Internet Security (CIS) to assist organizations in better defending against well-known threats by…

NIST CSF

What is the NIST CSF? The NIST Cybersecurity Framework, also known as the NIST CSF, enhances Critical Infrastructure Cybersecurity by providing a mechanism for evaluating and enhancing the capacity of…

Privacy

GDPR

What is the GDPR? The General Data Protection Regulation (GDPR) is a European Union law that went into effect on May 25, 2018. It demands companies to protect personal data…

NY SHIELD Act

What is the NY SHIELD Act? On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”) came into force.…

ISO 27701

What is ISO/IEC 27701? ISO/IEC 27701 establishes guidelines and describes standards for implementing, designing, maintaining, and continuing to improve a Privacy Information Management System as a complement to ISO/IEC 27001…

Compliance

FFIEC

What is the FFIEC Compliance Framework? The Federal Financial Institutions Inspection Council (FFIEC) is a structured interagency body made up of five banking regulators who are in charge of the…

PCI DSS

What is PCI DSS? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure the protection of cardholder data and secure payment…

SOC 2 Type II

What is SOC 2 Type II compliance? SOC 2 (System and Organization Controls 2) is an auditing process developed by the American Institute of CPAs (AICPA). Its primary initiative is…

ISO 27001

What is ISO/IEC 27001? ISO/IEC 27001 is a member of the ISO 27000 family of standards. The ISO 27001 standard is internationally accepted as a specification for an Information Security…

Get our full list of supported standards and frameworks

Skip to content