
Simplify your compliance efforts with industry best practices

SureCloud’s GRC platform is flexible enough to support all of your organisation’s risk and compliance needs. SureCloud’s industry-leading compliance technology allows your team to take advantage of built-in control content as well as providing the ability to import any control framework (including your own).

The built-in SureCloud control library comes with the following regulations and frameworks as standard:

SureCloud Content Library

SureCloud supports multiple compliance frameworks and standards using our control mapping technology, allowing you to import and update the frameworks and standards directly into your compliance solution.

Deploy over 850 out-of-the-box, SCF-supplied controls that are rationalised and baselined against 150+ global regulations, frameworks and standards. A workflow helps manage updates and changes to the controls directly within SureCloud.


The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.

Available

ISO 27002 Information technology — Security techniques — Code of practice for information security controls.

Available

ISO 27017 Information technology — Security techniques — Code of practice for information security controls. This standard outlines the guidance and implementation of the cloud-specific security controls.

Available

ISO 27018 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.

Available

PCI DSS is the global data security standard that any business of any size must adhere to in order to accept payment cards. It offers common-sense steps that mirror security best practices.

Available

The ISF Standard of Good Practice for Information Security provides a business-orientated focus on current and emerging information security issues and helps organisations develop a practical framework for information security policies, standards and procedures.

Available

NIST Cybersecurity Framework (CSF) is U.S. Government guidance for private sector businesses that own, operate, or supply critical infrastructure. NIST CSF provides a base level of cybersecurity processes and essential controls.

Available

NIST 800-53 is U.S. Government guidance for all U.S. federal information systems except those related to national security. NIST 800-53 provides security and privacy controls.

Available

NIST 800-171 is U.S. Government guidance for protecting Controlled Unclassified Information.

Available

NIST Privacy Framework is U.S. Government guidance to help organisations identify and manage privacy risk to build innovative products and services while protecting individuals’ privacy.

Available

The Health Insurance Portability and Accountability Act (HIPAA) establishes the standard for the management of sensitive patient data protection. Organisations that manage protected health information (PHI) need security measures in place, and evidence that they are followed, to show they are HIPAA compliant.

Available

ISO 27001 (Information security management system) is a standard used for creating a framework for managing risks to the security of the information you hold.

Available
