Supported Frameworks

50+ Compliance Frameworks, One Platform

GetCybr supports every major compliance standard your clients need — from global frameworks like ISO 27001 and SOC 2 to regional requirements like NIS2, DORA, and NCA. Plus unlimited custom frameworks on Enterprise and Self-Hosted tiers.

Global

Global Standards

Popular

ISO 27001

ISO 27001:2022

Automate your information security management system (ISMS) with 93 Annex A controls — the global gold standard for security certification.

Popular

SOC 2

SOC 2 Type I & II

Streamline SOC 2 compliance across Trust Service Criteria — security, availability, processing integrity, confidentiality, and privacy controls.


NIST CSF

NIST Cybersecurity Framework (CSF)

Manage cybersecurity risk with the NIST CSF — standards and best practices for identifying, protecting, detecting, responding to, and recovering from threats.

NIST 800-53

Comprehensive catalogue of security and privacy controls for federal systems — automate control assessments and manage compliance across your organisation.

CIS Controls

CIS Controls v8

Prioritised cybersecurity controls across three implementation groups — streamline threat defence and automate compliance tracking for your organisation.

ISO 22301

Build organisational resilience with ISO 22301 — manage disaster recovery plans and automate business continuity compliance during disruptions.

NIST 800-171

NIST SP 800-171

Protecting Controlled Unclassified Information (CUI) in non-federal systems — 110 security requirements aligned with CMMC 2.0 compliance.

New

ISO 42001

ISO/IEC 42001

AI management system standard — governance, risk management, and responsible AI practices for organisations developing or deploying AI systems.

EU

European Union

GDPR

General Data Protection Regulation

Automate GDPR compliance — manage consent, data subject rights, and privacy obligations for any organisation processing EU residents' personal data.

New

NIS2

NIS2 Directive

EU directive on cybersecurity for essential and important entities — network and information security across critical sectors.

New

DORA

Digital Operational Resilience Act

EU regulation ensuring financial entities can withstand, respond to, and recover from ICT-related disruptions and threats.

UK GDPR

UK GDPR & Data Protection Act 2018

Post-Brexit UK data protection regulation — mirroring EU GDPR requirements for organisations processing UK residents' personal data.

US

United States

HIPAA

Automate HIPAA compliance and protect PHI — required for healthcare organisations and business associates handling sensitive patient health information.

PCI DSS

PCI DSS v4.0

Manage cardholder data security and meet PCI DSS v4.0 deadlines — required compliance for any organisation that accepts, processes, or stores credit card data.

CMMC

CMMC 2.0

Achieve CMMC 2.0 certification and protect CUI — built on NIST 800-171 requirements and mandatory for all DoD contractors in the Defence Industrial Base.

FedRAMP

Streamline your FedRAMP ATO (Authority to Operate) — standardised cloud security assessment for services used by US federal government agencies.

CCPA

CCPA / CPRA

Automate data privacy compliance and manage consumer rights — California residents' right to know, delete, and opt out under CCPA and CPRA.

StateRAMP

Standardised cloud security verification for US state and local government — aligned with FedRAMP controls for sub-federal procurement.

Middle East

New

NCA

NCA Frameworks

Saudi National Cybersecurity Authority frameworks — ECC, CSCC, DCC, CCC, OSMCC, and TCC. Mandatory for organisations operating in Saudi Arabia.

UAE IA

UAE IA Standard

UAE Information Assurance Standards — manage cybersecurity controls, risk governance, and compliance for government and critical infrastructure entities.

Industry

Industry & Sector

COBIT

COBIT 2019

Strengthen IT governance and streamline audit readiness with COBIT 2019 — aligning IT strategy, risk management, and business objectives across the enterprise.

ISO 9001

Manage quality processes and accelerate ISO 9001 certification — drive continuous process improvement and ensure consistent quality in products and services.

Cyber Essentials

UK government-backed certification scheme — meet Cyber Essentials requirements for government procurement and guard against the most common cyber threats.

CSA STAR

Cloud Security Alliance assurance program — security, trust, and risk assessment for cloud service providers and their customers.

GetCybr also offers dedicated compliance platforms for ISO 27001 and SOC 2, with automated gap analysis, policy documentation, and audit-ready reporting.

Unlimited Custom Frameworks

Need a Framework We Don't List?

Enterprise and Self-Hosted tiers include unlimited custom framework support. Define your own controls, evidence requirements, and assessment criteria — or let our team help you build it.

Business tier includes 5 core pre-built frameworks. Upgrade to Enterprise for full access to all 50+ frameworks and custom creation.

FAQ

Frequently Asked Questions

How many compliance frameworks does GetCybr support?

GetCybr supports 50+ compliance frameworks out of the box, including SOC 2, ISO 27001, NIS2, DORA, NCA, NIST CSF, HIPAA, PCI DSS, GDPR, CMMC, and many more. Enterprise and Self-Hosted tiers also support unlimited custom frameworks.

Can I add a custom compliance framework?

Yes. Enterprise and Self-Hosted tiers include the ability to create unlimited custom frameworks from scratch — define your own controls, evidence requirements, and assessment criteria. Business tier includes 5 core pre-built frameworks.

Does GetCybr support regional compliance requirements?

Absolutely. We cover global standards (ISO 27001, SOC 2), EU regulations (NIS2, DORA, GDPR), US frameworks (HIPAA, CMMC, FedRAMP), and Middle East requirements (NCA, UAE IA). Our platform is designed for service providers with clients across multiple jurisdictions.

Can I map controls across multiple frameworks?

Yes. GetCybr supports cross-framework control mapping, so evidence collected for one framework can satisfy requirements across others. This dramatically reduces duplication when clients need to comply with multiple standards simultaneously.

Ready to Deliver Multi-Framework Compliance?

See how GetCybr automates compliance across 50+ frameworks for your entire client portfolio. Book a 30-minute walkthrough.
