Skip to content
ZxR Cyber Sentinel 4.1 is available — Discover our AI models
35 Frameworks

Find the frameworks that apply to you

Identify the compliance frameworks applicable to your organization in 60 seconds.

Framework Finder

Answer 4 questions to get your personalized recommendations.

1
2
3
4

Your industry?

Popular Packs

Framework combinations tailored to your regional and sector challenges.

EU Pack

4 frameworks

NIS2 + DORA + GDPR + EU AI Act

~300 articles

Morocco Pack

4 frameworks

DNSSI v2 + Law 05-20 + ISO 27001 + DGSSI Approval

~350 requirements

Finance Pack

4 frameworks

PCI DSS + SOC 2 + DORA + SWIFT CSP

~400 controls

Full Catalog

Browse all 35 frameworks natively supported by Zaxyr.

35 frameworks
ISO
Supported

ISO 27001:2022

ISO/IEC

93 controls

Information security management system. Requirements and Annex A controls.

View details
ISO
Supported

ISO 27002:2022

ISO/IEC

93 controls

Best practices for information security controls. Detailed implémentation guide.

View details
ISO
Supported

ISO 27005

ISO/IEC

12 clauses

Information security risk management. Risk analysis methodology.

View details
ISO
Supported

ISO 22301

ISO/IEC

10 clauses

Business continuity management system. BCP/DRP requirements.

View details
SOC
Supported

SOC 2 Type II

AICPA

5 criteria

Trust Services Criteria: security, availability, integrity, confidentiality, privacy.

View details
N
Supported

NIST CSF 2.0

NIST

6 functions

NIST cybersecurity framework. Govern, Identify, Protect, Detect, Respond, Recover.

View details
N
Supported

NIST 800-53

NIST

1000+ controls

Security and privacy controls catalog for federal information systems.

View details
PCI
MandatorySupported

PCI DSS v4.0

PCI SSC

12 requirements

Payment card industry data security standard.

View details
EB
Supported

EBIOS RM

ANSSI

5 workshops

ANSSI risk analysis methodology. Threat scenario approach.

View details

Looking for a personalized recommendation?

CI
Supported

CIS Controls v8

CIS

18 controls

18 prioritized critical security controls. Universal defensive best practices.

View details
CO
Supported

COBIT

ISACA

40 objectives

ISACA IT governance and management framework for the enterprise.

View details
SW
MandatorySupported

SWIFT CSP

SWIFT

32 controls

Customer Security Programme. Mandatory security controls for the SWIFT network.

View details
HI
MandatorySupported

HIPAA

HHS

18 standards

Health Insurance Portability and Accountability Act. Health data protection.

View details
MI
Supported

MITRE ATT&CK

MITRE

200+ techniques

Knowledge base of adversary tactics and techniques observed in the real world.

View details
NIS
MandatorySupported

NIS2

EU

46 articles

EU directive on network and information systems security. Extended obligations for essential entities.

View details
DO
MandatorySupported

DORA

EU

64 articles

Digital Operational Resilience Act. Digital resilience for the European financial sector.

View details
RG
MandatorySupported

RGPD / GDPR

EU

99 articles

General Data Protection Regulation. Individual rights and controller obligations.

View details
EU
MandatorySupported

EU AI Act

EU

113 articles

EU regulation on artificial intelligence. Risk classification and category-based obligations.

View details

Looking for a personalized recommendation?

CY
MandatorySupported

Cyber Resilience Act

EU

71 articles

Cybersecurity requirements for products with digital elements. Manufacturer and importer obligations.

View details
EI
MandatorySupported

eIDAS 2.0

EU

50+ articles

Electronic identification and trust services for transactions within the internal market.

View details
CY
Supported

Cyber Essentials

NCSC UK

5 controls

UK basic certification scheme. 5 essential technical cybersecurity controls.

View details
LP
MandatorySupported

LPM

ANSSI

20 rules

Military programming law. Security obligations for operators of vital importance (OIV).

View details
RG
MandatorySupported

RGS

ANSSI

14 rules

General Security Framework. Security rules for French administrations and public services.

View details
DN
MandatorySupported

DNSSI v2.0

DGSSI

104 requirements

National Directive on Information System Security. Mandatory requirements in Morocco.

View details
LO
MandatorySupported

Loi 05-20

DGSSI

52 articles

Moroccan cybersecurity law. Legal framework for information system protection.

View details
HO
MandatorySupported

Homologation DGSSI

DGSSI

4 phases

Security approval process for IS in public organizations and critical infrastructure.

View details
NC
MandatorySupported

NCA ECC

NCA Saudi

108 controls

Essential Cybersecurity Controls from the Saudi National Cybersecurity Authority.

View details

Looking for a personalized recommendation?

PD
MandatorySupported

PDPL Saudi

SDAIA

43 articles

Saudi Personal Data Protection Law (PDPL). Supervised by SDAIA, effective since September 2023.

View details
PD
MandatorySupported

PDPPL Qatar

CDA Qatar

72 articles

Qatar Personal Data Privacy Protection Law (PDPPL, Law 13/2016). Applicable to any organization processing data in Qatar.

View details
NE
MandatorySupported

NESA

NESA UAE

188 controls

National Electronic Security Authority. UAE electronic security standards.

View details
NI
MandatorySupported

NIA Qatar

NCSA

80+ controls

National Information Assurance Policy (NIA v3). Mandatory security controls for government entities and critical infrastructure in Qatar.

View details
IE
Supported

IEC 62443

IEC

7 requirements

Industrial control system and SCADA security. Security levels and zones.

View details
TS
Supported

TS 50701

CENELEC

4 levels

Railway cybersecurity. Security levels for signaling and control systems.

View details
NE
MandatorySupported

NERC CIP

NERC

11 standards

Critical Infrastructure Protection. Standards for North American electric grids.

View details
N
Supported

NIST SP 800-82

NIST

6 chapters

Guide to Industrial Control Systems (ICS) security. SCADA and DCS recommendations.

View details

Automatic Cross-Mapping

Zaxyr automatically maps controls between frameworks to eliminate duplicates. One implemented control covers multiple requirements simultaneously.

Auto
Cross-mapping

ISO 27001 controls automatically cover NIST, SOC 2, DNSSI

800+
Assessable controls

Each control is linked to all applicable frameworks

AI
Gap Analysis

AI identifies gaps and proposes prioritized action plans

Framework not listed?

Can't find your framework? Zaxyr supports custom frameworks. Import your internal policies and sector-specific requirements.

Ready to simplify your compliance?

Zaxyr consolidates all your frameworks in a single console. AI gap analysis, automatic cross-mapping, continuous monitoring.