3. List of Applicable Frameworks
The List of Applicable Frameworks provides an overview of the key cybersecurity, compliance, and industry-specific frameworks supported by CSFaaS. These frameworks are essential for aligning your organisation’s cybersecurity governance, risk management, and compliance activities with international standards and best practices.
Additionally, CSFaaS allows users to create and customise their own frameworks to address specific organisational needs and regulatory requirements.
CSFaaS supports frameworks spanning areas such as privacy, risk management, organisational management, healthcare, critical infrastructure, and emerging technologies. The platform ensures seamless integration and alignment with these frameworks, enabling organisations to meet regulatory obligations while enhancing their cybersecurity posture.
Framework and Translation Availability
Below is a categorised and structured list of available frameworks, including language availability (EN, FR, ES) and region of application.
This section provides a high-level overview of the frameworks supported by CSFaaS, including their geographical applicability and language availability. It helps users quickly understand which frameworks are relevant to their region and available in their preferred language.
Purpose
- Identify framework coverage by region (e.g., US, EU, Global).
- Check language support (EN, FR, ES) for each framework.
- Serve as a quick reference guide for framework selection and implementation.
Framework Availability Matrix
| Type | Framework | Region | EN | FR | ES |
|---|---|---|---|---|---|
| Privacy | NIST PF 1.0 | US |  |  | |
| GDPR | EU | | | | |
| IAPP CIPM | US-EU | | | | |
| Risk Management | NIST SP 800-37 | US | | | |
| Organisational Management | NIST SP 800-53 rev. 5 | US | | | |
| NIST CSF 2.0 | US | | | | |
| NIST SP 1300 Small Business | US | | | | |
| ISO 9001:2015 | ISO | | | | |
| ISO 27001:2022 | ISO | | | | |
| NCA ECC | SA | | | | |
| AICPA SOC2 | US | | | | |
| CCCS - Baseline Controls for SME | BE | | | | |
| Cyberfondamentaux Basic | BE | | | | |
| Cyberfondamentaux Important | BE | | | | |
| Cyberfondamentaux Essentials | BE | | | | |
| Cyberfondamentaux Small | BE | | | | |
| Health | HIPAA | US | | | |
| Financial Sector | DORA | EU | | | |
| Critical Infrastructure | NIS2 | EU | | | |
| NCA CSCC | SA | | | | |
| Cloud | NCA CCC | SA | | | |
| Bank Card Industry | PCI DSS | US | | | |
| Telework | NCA TCC | SA | | | |
| Social Media | NCA OSMACC | SA | | | |
| Operational Technology | NCA OTCC | SA | | | |
| Data Protection | NCA DCC | SA | | | |
| Artificial Intelligence | NIST AI 100-1 | US | | | |
| ISO 42001:2023 | ISO | | | | |
| Maturity Model | CMMC 2.0 | US | | | |