Scale compliance seamlessly across 200+ frameworks with Sprinto AI

Sprinto helps fast-growing teams get certified faster and stay continuously compliant without rebuilding controls as they grow.

Build once. Reuse everywhere.

Sprinto AI uses a common control framework to set up controls once, reuse them across frameworks, and stay audit-ready with automatic evidence and continuous monitoring.

Framework directory

Sprinto supports standard and custom frameworks. New frameworks plug into what’s already set up — showing only what’s new, not what you’ve already done.

Categories

  • SOC-2
    SOC 2 Compliance Platform | Evidence, Audit Prep & Autonomous Monitoring | Sprinto

    SOC 2 helps SaaS and cloud companies prove their security, availability, and confidentiality to customers—often becoming a requirement for mid-market and enterprise deals.

  • ISO-27001
    ISO 27001 for Startups & SMBs | Automated Certification, No Manual Work | Sprinto

    ISO 27001 provides a structured, risk-based ISMS that helps organizations standardize security practices and demonstrate compliance across regions and industries.

  • PCI-DSS
    Secure cardholder data and meet payment security standards.

    PCI DSS ensures organizations that store, process, or transmit payment card data follow strict controls to reduce fraud and protect sensitive financial information.

  • GDPR
    Meet EU data protection requirements with ongoing privacy controls.

    GDPR helps organizations protect personal data, manage consent, and demonstrate accountability when handling data of EU residents—reducing regulatory risk and building customer trust.

  • HIPAA
    Protect healthcare data and meet U.S. regulatory requirements.

    HIPAA sets standards for safeguarding protected health information (PHI) and is essential for healthcare providers, health tech companies, and partners handling sensitive patient data.

  • NIST-CSF
    A flexible framework for managing cybersecurity risk.

    The NIST Cybersecurity Framework helps organizations identify, protect, detect, respond to, and recover from security risks.

  • ISO-42001
    A standard for responsible AI management systems.

    ISO 42001 helps organizations govern AI systems responsibly by defining controls for risk management, transparency, accountability, and continuous improvement.

  • TISAX
    An information security assessment framework for the automotive industry.

    TISAX standardizes how automotive companies and suppliers assess and demonstrate information security across complex supply chains.

  • ISO-27017
    A cloud security standard based on ISO 27001.

    ISO 27017 provides additional security controls for cloud service providers and cloud customers, addressing risks specific to cloud environments.

  • CIS-controls
    A prioritized set of cybersecurity best practices.

    The CIS Controls help organizations strengthen security hygiene by focusing on the most effective actions to prevent, detect, and respond to common cyber threats.

  • CSA-star
    A cloud security assurance and transparency framework.

    CSA STAR enables organizations to assess and demonstrate cloud security posture using standardized controls, maturity models, and public assurance mechanisms.

  • FCRA
    A U.S. regulation governing consumer credit information.

    FCRA defines requirements for collecting, using, and protecting consumer credit data, commonly impacting financial services and background screening organizations.

  • OFDSS
    A data security standard for regulated environments.

    OFDSS focuses on safeguarding sensitive operational and financial data, typically required in region-specific or sector-specific regulatory contexts.

  • CCPA
    A California privacy law governing personal data rights.

    CCPA gives consumers rights over their personal data and requires organizations to implement controls for data access, transparency, and protection.

Didn't find what you're looking for?
Security
Build customer trust and unblock sales with audit-ready controls.

Get structured guidance, tools, templates, and practical workflows to formalize, automate, and grow your GRC practice. 

ISO 27001 Encyclopedia

A curated guide to the framework, requirements, audit readiness, and foundational resources to help you achieve and manage ISO 27001.

SOC 2 Encyclopedia

Guides and resources covering everything from controls and criteria to monitoring and auditor readiness, designed to simplify the SOC 2 journey.

ISO 42001 Encyclopedia

The ultimate starter’s guide to the foundations of ISO 42001, industry best practices, and curated resources, all in one place.

HIPAA Encyclopedia

A practical reference for understanding HIPAA, figuring out what applies to you, and building compliance that holds up in real audits.

Start with what you need. Scale without friction.
