Standards

Manage multiple regulatory compliance frameworks and standards in one platform

Centraleyes enables cyber risk teams to easily create and define frameworks to fit their specific needs, or choose from tens of pre-populated integrated risk and compliance frameworks. By mapping shared controls across frameworks, Centraleyes allows for a quicker, automated compliance process.

Security

NIST 800-207 (Zero Trust)

What is the Zero Trust Model? Zero trust is a growing security model that is based on the principle of enforcing strict access controls. The Zero Trust concept focuses on…

COSO

What is the COSO Framework? The Committee of Sponsoring Organizations of the Treadway Commission (COSO), a voluntary private-sector initiative, was established in 1985 to improve business performance and governance through…

NIST 800-46

What is the NIST SP 800-46 framework? The US Commerce Department’s National Institute of Standards and Technology (NIST) is a non-regulatory body responsible for investigating and developing standards for all…

MITRE ATT&CK

What is the MITRE ATT&CK Framework? MITRE ATT&CK is a framework that organizes and categorizes the different approaches, strategies and procedures utilized by threat actors in the digital environment, assisting…

Privacy

Personal Information Privacy Law (PIPL) of China

What is PIPL? Personal Information Privacy Law (PIPL) is the new Chinese data privacy law that became effective on November 1st, 2021. PIPL establishes an extensive data protection framework for…

Nevada Privacy Law

What is the Nevada privacy law? The Nevada Revised Statutes on Security and Privacy of Personal Information (‘NRS’) include the state’s privacy rules, which are contained in Chapter 603A. Recently,…

POPIA

What is POPIA? South Africa’s new data privacy framework is the Protection Of Personal Information Act. It establishes a minimal baseline for privacy regulation in all industries. It applies to…

GDPR

What is the GDPR? The General Data Protection Regulation (GDPR) is a European Union law that went into effect on May 25, 2018. It requires companies to protect personal data…

Compliance

Cyber Essentials (UK)

What is Cyber Essentials (UK)? Cyber Essentials is a government-backed scheme that was created to help organizations of all sizes protect themselves from a wide range of common cyber attacks.…

ISO 27002

What is ISO/IEC 27002? ISO/IEC 27002:2013, titled “Information technology — Security techniques — Code of practice for information security controls,” is an international standard, with organizational guidance for implementing information…

UAE IA

What is the UAE IA Regulation? The UAE’s Telecommunications Regulatory Authority (TRA) released the Information Assurance (IA) Regulation V1.1 in March 2020, to establish minimum baseline parameters for safeguarding the…

ISO 22301

What is the ISO 22301 standard? ISO 22301 is an international standard for Business Continuity Management. It offers a step-by-step guide to establishing and maintaining an efficient business continuity management…