ComplianceMappings

SELECT

A Standard, Regulation
or Best Practice

MAP

To Other Standards, Regulations & Best Practices

REPORT

Create a Printable Compliance Mapping Report

Select the Framework(s) of Interest for Mapping and Relationship Reports:

View our library of pre-built mappings!

ISO 27002 -- Code of Practice

Mapped Relationship(s)

	- FTC - 16 CFR 314-Standards for Safeguarding Customer Information
	Appendix III to OMB Circular No. A-130 - Security of Federal Automated Information Resources
	CMMI Level 2 Processes - MANAGED
	Federal Register 12 CFR Part 30, et al. Interagency Guidelines Establishing Standards for Safeguarding Customer Information
	Generally Accepted Privacy Principles (GAPP) August 2009
	HIPAA Controls
	HIPAA Rules (CFR eff. 9/23/13)
	HITECH
	IdM Services
	INTERNET BANKING AND TECHNOLOGY RISK MANAGEMENT GUIDELINES V.3 June 2008
	ISO 20000-2:2005 Code of Practice
	ISO 27001:2005 Management Clauses
	NERC CIP
	NISPOM - DoD 5220.22-M National Industrial Security Program - Feb 2006
	NIST 800-53 Rev 3 August 2009
	NIST 800-82 - Guide to Industrial Control Systems (ICS) Security
	NIST Controls Catalog 800-53 Rev 2
	NIST SP 800-53 Rev 4 Final
	PBGC Non Technical
	PCI Data Security Standard V1.2 October 2008
	PCI DSS Version 2 - October 2010
	POPI - PROTECTION OF PERSONAL INFORMATION BILL - South Africa
	Safe Harbor Principles
	SOX Compliance
	The Information Technology ACT, 2008 (India)

ABOUT US

Compliance Mappings is a collection of standards, regulations, and best practice frameworks that utilize C2C SmartCompliance Compliance Mapper API to create relationship and mapping reports between the frameworks

OUR MAPPING ENGINE

Our mapping engine helps organizations manage compliance with a compliance management framework that can be adjusted as operational environments change, and new requirements come into force.

OUR APPROACH

Compliance Infrastructure Management^tm Compliance is not static. Regulations will change. Business will grow. Policies and procedures will evolve. Your GRC framework must be easily customizable to support on-going regulatory attestation.