30+ Security & Compliance Frameworks
Pre-built control libraries and compliance mappings for the world's most recognised security standards. Covering NIST, ISO, Australian government, privacy, and industry-specific frameworks - all ready to go from day one.
Choose Your Path to Compliance
Whether you need to meet government requirements, satisfy customer audits, or improve your security posture, we've got you covered with frameworks across every major standard.
Powered by the Secure Controls Framework
Every framework in Risk Ninja is mapped to the Secure Controls Framework (SCF) - a meta-framework that bridges across 100+ security and privacy standards. This means your compliance work in one framework automatically maps to others, eliminating duplicate effort.
- Cross-framework mapping out of the box
- Reduce duplicate assessments by up to 60%
- Unified compliance posture across all active frameworks
- Prioritise remediation for maximum multi-framework impact
Example: Cross-Framework Mapping
NIST Family
10 frameworksCybersecurity Framework 2.0 - the gold standard for cybersecurity risk management
Security and Privacy Controls for Information Systems and Organizations
Protecting Controlled Unclassified Information (Rev 3)
Protecting Controlled Unclassified Information (Rev 2)
Enhanced Security Requirements for CUI
Cybersecurity Supply Chain Risk Management
Zero Trust Architecture
Secure Software Development Framework (SSDF)
Artificial Intelligence Risk Management Framework
AI Safety and Security Guidelines
ISO Family
5 frameworksInformation Security Management System - the world's most recognised security standard
Information Security Controls - implementation guidance for ISO 27001
Privacy Information Management - extension to ISO 27001 for privacy
Privacy Framework - principles for processing personal data
AI Management System - governance framework for artificial intelligence
Australian Frameworks
7 frameworksEssential Eight Maturity Model - prioritised mitigation strategies with maturity level tracking
Australian Government Information Security Manual - comprehensive security controls for government
Operational Risk Management - APRA prudential standard for regulated entities
Information Security - APRA prudential standard for financial services
Australian Privacy Act - federal legislation governing personal information handling
APPs - the cornerstone of the privacy protection framework under the Privacy Act
Voluntary code for securing Internet of Things devices in Australia
Industry & Regulatory
6 frameworksCenter for Internet Security Critical Security Controls
Payment Card Industry Data Security Standard
Trust Services Criteria - the foundation for SOC 2 audits
Trusted Information Security Assessment Exchange for the automotive industry
Government Risk Assessment & Management Program
Insurance Data Security Model Law for the insurance industry
Privacy Frameworks
3 frameworksAsia-Pacific Economic Cooperation privacy principles for cross-border data flows
OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
Data Privacy Management Principles for organisational privacy programs
Need a Framework We Don't Have?
Risk Ninja supports fully custom frameworks. Import your own controls from Excel or CSV, define custom compliance statuses, and track everything alongside your built-in frameworks.
Request a FrameworkReady to Streamline Your Compliance?
Get started with Risk Ninja and see how easy multi-framework compliance can be.