The Largest Framework Library on the Market
As your business evolves, so do your compliance needs. Hyperproof supports 160+ pre-built frameworks, giving you the flexibility to align with the standards that fit your industry, customers, and maturity. Explore our framework library to find the right fit.

Americans with Disabilities Act (ADA) and Web Content Accessibility Guidelines (WCAG) v2.2

APRA CPS 234

Australian Government Information Security Manual (ISM) for IRAP and ASD by ACSC

Australia ISM for IRAP and ASD by ACSC, December 2025

Adobe Common Controls Framework (CCF) v4

AWS Well-Architected Framework

Bank Secrecy Act Compliance Program (BSA)

Belgium Cyber Fundamentals

Brazilian General Data Protection Law (LGPD)

BSI Cloud Computing Compliance Controls Catalog (C5)

BSI Cloud Computing Compliance Controls Catalog (C5) 2020

BSI Cloud Computing Compliance Controls Catalog (C5) 2026

C4 CryptoCurrency Security Standard (CCSS)

CA Browser Forum Network Security Controls v1.3

Canadian OSFI B-13

California Privacy Rights Act (CPRA)

CA Browser Forum Baseline Requirements v2.2.6

Chilean Personal Data Protection Law (PDPL) – Law No. 19.628

China Cybersecurity Law – Personal information (PI) security specification

China Cybersecurity Law – Personal information (PI) security specification

Cisco Cloud Controls Framework (CCF)

CMS Acceptable Risk Safeguards 5.0x and Information Systems Security and Privacy Policy (IS2P2) v3.0

Centers for Medicare & Medicaid Services (CMS) Acceptable Risk Controls for Affordable Care Act (ACA), Medicaid, and Partner Entities (ARC-AMPE) v1.0.2

CMS Minimum Acceptable Risk Safeguards for Exchanges (MARS-E) Harmonized Security Privacy Framework v2.2

Cybersecurity Maturity Model Certification (CMMC v1.02)

CMMC 2.0 Selectable Level with DFARS 252.204 and NIST 800-53 NFO

Control Objectives for Information and Related Technologies (COBIT) 2019

CSA Consensus Assessments Initiative Questionnaire (CAIQ) v4

CSA Consensus Assessments Initiative Questionnaire (CAIQ) v4.1

Cloud Security Alliance (CSA) AI Controls Matrix (AICM) v 1.03

Cyber Risk Institute (CRI) Profile

Cyber Risk Institute Profile 2.0 (CRI)

Cybersecurity Capability Maturity Model (C2M2)

Digital Services Act (DSA)

Department of Homeland Security (DHS) 4300A – Sensitive Systems Handbook

Digital Operational Resilience Act (DORA)

Classified Protection of Cybersecurity (DJCP) or Multi-Level Protection Scheme (MLPS)

EASA Part-IS

EU AI Act

EU Regulation 2019/1020 on market surveillance and compliance of products

EU Data Act – EU Regulation 2023/2854

EU – US Data Privacy Framework (DPF)

EU Cyber Resilience Act

ETSI EN 319 401 V2.2.1

ETSI EN 319 411-1 V1.5.1

ETSI EN 319 401 V3.2.1

Spanish National Security Scheme (ENS) 2022

Family Educational Rights and Privacy Act of 1974 (FERPA) with PTAC Guidance

Federal Bureau of Investigations (FBI) CJIS Security Policy

FDA Electronic Records; Electronic Signatures (21 CFR Part 11)

FFIEC Cybersecurity Assessment Tool (CAT)

France ASIP HDS – HDH Certification – v1.1

French ANSSI SecNumCloud v3.2

Gramm-Leach-Bliley Act (GLBA) and FTC Safeguard Rule

Hyperproof Common Control Framework (CCF)

IATF 16949

Israeli Protection of Privacy Law and Regulations

Italian ACN

IBM Cloud Framework for Financial Services

IEC 62443 4-1

IEC 62443 4-2

ISO 14001:2015

ISO 17025:2017

ISO 20000

ISO 21434

ISO 22301:2019

ISO 26262

ISO 27001:2019

ISO 27002:2022

ISO 27017:2015

ISO 27018:2019

ISO 27701:2019

ISO 27799:2016

ISO 28000:2022

ISO 42001 AI Management System

ISO 45001:2018

ISO 9001:2015

ITSG-33 Government of Canada Controls Catalogue

International Traffic in Arms Regulations (ITAR) Compliance Program Guidelines

Japanese Information System Security Management and Assessment Program (ISMAP)

Korean Personal Information & Information Security Management System (ISMS-P)

MAS Technology Risk Management Guidelines (TRM)

Singapore Financial Services and Markets Act 2022

Microsoft SSPA v.10

Microsoft Supplier Privacy & Assurance Standards (SSPA DPR v7)

NERC Critical Infrastructure Protection (CIP)

NIS 2 Directive (EU) 2022/2555 with 2024/2690 and Member State Implementation

NIST SP 800-161

NIST 800-171 Rev2

NIST 800-171 Rev3

NIST SP 800-218

NIST SP 800-82

NIST SP 800-53 Rev5

NIST SP 800-53 Rev5 Selectable Baseline

NIST 800-53 Rev 5.2.0 – All Controls & Supplemental

NISTIR 8374 Ransomware Risk Management

NY Department of Financial Services (NYDFS) Part 500 Cybersecurity Requirements for Financial Services

New York Privacy Act Bill

OWASP Application Security Verification Standard (ASVS) v4.0.3

Payment Card Industry Data Security Standard (PCI DSS) 3.2.1 (Retired framework available for reference)

Payment Card Industry Data Security Standard (PCI DSS) 4.0.1

Personal Information Protection Act (PIPA) and its Regulation – Alberta, Canada

Personal Information Protection Act (PIPA) – British Columbia, Canada

SASB ESG

Saudi Arabia Essential Cybersecurity Controls (ECC) 2018

SEC 17 CFR Part 240 15c: Rules Relating to Over-the-Counter Markets (§§ 240.15c-2 and 240.1c-3)

SEC 17 CFR PART 240 17a: Preservation of Records and Reports of Stabilizing Activities (§§ 240.17a-1 – 240.17f-2)

Secure Controls Framework (SCF)

Secure Control Framework v. December 2024

Secure Controls Framework (SCF) – January 2026

Sarbanes–Oxley Act (SOX)

GovRAMP

SWIFT CSCF

Task Force on Climate-Related Financial Disclosures (TCFD)

Trusted Information Security Assessment Exchange (TISAX)

TISAX VDA ISA 6.0.3

Texas Risk and Authorization Management Program (TX-RAMP)

UK Cyber Essentials: Requirements for IT infrastructure

UK Financial Conduct Authority (FCA) Handbook, Act (FSMA), and Regulated Order (RAO)

UK Economic Crime and Corporate Transparency Act 2023 (ECCTA)

WebTrust Principles and Criteria
Ready to see
Hyperproof in action?












































