18+ Frameworks Supported
Frameworks We Support
CyberAudit is designed to support organizations operating under multiple overlapping regulatory requirements. Frameworks are presented as supported assessment perspectives—not isolated checklists.
U.S. Federal and Defense
- NIST SP 800-171
- CMMC Level 2
- NIST SP 800-53
- FedRAMP Moderate
- StateRAMP
- NIST CSF 2.0
Commercial & International
- SOC 2 (Type I and II)
- ISO/IEC 27001
- ISO/IEC 27001:2022
Healthcare & Financial
- HIPAA Security Rule
- PCI DSS v4.0
Public Sector & Justice
- CJIS Security Policy
- State & local government
Linux Endpoints
- CIS Benchmarks
International & Regional
- Cyber Essentials (UK)
- Cyber Essentials Plus
- NIS2 Directive
- EU GDPR (technical measures)
- EU Cyber Resilience Act
- EU Cybersecurity Act
Frameworks Are Interpreted in Context
Frameworks are not treated as isolated checklists. Contextual interpretation is applied based on organizational scope and regulatory intent. Controls are mapped across frameworks so one body of evidence can support multiple requirements—reducing duplicate work and improving "also covers" reporting.
Support is designed to reflect context rather than one-size-fits-all execution. Organizations operating across additional regulatory frameworks can discuss support scope during an evidence walkthrough.