WIN WITH TRUST
Take Advantage of 30+ Pre-Built Frameworks
Get compliant fast and manage multiple frameworks more easily with Drata. Whether you’re just getting started with SOC 2, expanding to ISO 27001, or managing hundreds of requirements, Drata has you covered.
Choose from dozens of pre-built frameworks.
Reduce repeat audit and assessment effort.
Monitor controls continuously across requirements.
Show your compliance externally via Trust Center.
SUPPORTED FRAMEWORKS
Designed to Support Your Compliance Needs
SOC 2
Demonstrate audited controls that protect customer data and build trust.
ISO 27001
Certify an ISMS to manage security risk and improve governance.
GDPR
Comply with EU privacy requirements for lawful processing and data rights.
HIPAA
Safeguard PHI with HIPAA-aligned privacy and security controls.
CMMC 2.0
Meet DoD maturity requirements to protect CUI across the supply chain.
PCI DSS
Protect cardholder data with PCI DSS security requirements.
FedRAMP
Authorize your cloud for U.S. federal use with continuous monitoring.
HITRUST
Unify security and privacy controls under the HITRUST CSF.
TISAX
Satisfy automotive security requirements for suppliers and partners.
NIST AI Risk Management
Manage AI risk with NIST guidance for oversight.
NIST AI RMF
NIS 2
Strengthen EU cyber resilience with required governance and incident readiness.
CCM
Map cloud controls to CSA CCM for assurance and risk visibility.
CIS
Harden your environment with CIS Controls to reduce common attack paths.
CCPA
Honor California privacy rights with access, deletion, and opt-out workflows.
Cyber Essentials
Validate core cyber hygiene against common internet threats.
DORA
Improve ICT resilience to meet EU financial-sector operational requirements.
Essential Eight
Reduce ransomware risk with Australia’s preferred mitigations.
ISO 27701
Extend ISO 27001 with a privacy information management system.
ISO 27017
Clarify cloud shared-responsibility security guidance.
ISO 27018
Protect PII in the public cloud with privacy controls.
ISO 42001
Govern responsible AI with a standardized management system.
Microsoft SSPA
Demonstrate supplier security alignment with Microsoft expectations.
NIST 800-171
Protect controlled unclassified information in non-federal systems.
NIST 800-53
Apply controls for comprehensive security and privacy coverage.
NIST CSF 2.0
Align governance to NIST CSF 2.0 risk management outcomes.
NYDFS
Meet New York’s cybersecurity regulation with required controls.
FFIEC
Prepare for financial services exams with aligned cyber maturity.
COBIT 19
Govern enterprise IT with COBIT 2019 objectives.
SOX ITGC
Demonstrate IT controls for reliable financial reporting.
FedRAMP 20x
Support Low and Moderate authorization under FedRAMP 20x.
Coming Soon!
Custom
Tailor to your unique customer, auditor, or internal needs.
Request a New Framework
Not seeing what you need? Let us know!
FEATURED PRODUCTS & RELATED FRAMEWORKS
Get Compliant with Drata
Enterprise GRC
Centralize governance, controls, risks, policies, and evidence across the enterprise to stay continuously audit-ready.
Compliance Automation
Automate evidence collection and control monitoring across frameworks so you’re always prepared for your next audit.
Unlock the Power of Automation
Integrate Drata with your tech stack to power continuous trust.
WHAT CUSTOMERS SAY
Achieve Compliance Easier
See the Proof
“The promise of automation has long been discussed in the compliance world, but never truly realized. Drata has turned that into reality.”
Jonathan Jaffe
CISO
“Drata has done a really good job creating a single pane of information from risk to vendor management to compliance.”
Jodi Page
Information Security Program Manager
“By harnessing the arsenal of templates for policies and security documents, our compliance journey became more manageable. It's pretty hard to not do the right thing with Drata.”
Noa Flaherty
CTO/Founder
Launch Your Compliance Program with Confidence