ALL FRAMEWORKS

80+ security, privacy & AI frameworks.

One AI GRC platform. Every framework you’ll ever need – add, map, and maintain them all from a single source of truth.

FRAMEWORK LIBRARY

Every framework, one platform.

Filter by category to find what your customers, partners, or regulators need.


SOC 1

Focuses on internal controls over financial reporting, ensuring financial data is handled accurately.

SOC 2

Evaluates how organizations manage customer data based on security, availability, processing integrity, confidentiality, and privacy.

ISO 27001

The international standard for information security management systems (ISMS), protecting data confidentiality, integrity, and availability.

ISO 27017

Provides security controls specifically for cloud services, extending ISO 27001 for cloud environments.

ISO 27018

Focuses on protecting personal data in the cloud, especially for cloud service providers handling PII.

ISO 27701

Extends ISO 27001 to include privacy management, helping organizations manage personal data and meet privacy regulations.

ISO 42001

Defines requirements for managing AI systems responsibly, covering governance, risk, and ethical use of AI.

ISO 9001

Establishes a framework for quality management systems to ensure consistent products and services.

ISO 27799

Applies information security best practices specifically to healthcare data and systems.

ISO 22301

Focuses on business continuity, ensuring organizations can operate during disruptions.

ISO 27032

Provides guidelines for cybersecurity, focusing on protecting digital assets and online interactions.

HIPAA

US regulation that protects sensitive patient health information and ensures healthcare data privacy.

PCI DSS

Security standard for organizations that handle payment card data, aimed at preventing fraud.

GDPR

EU regulation governing how personal data is collected, processed, and protected.

SOX ITGC

Ensures IT systems supporting financial reporting have proper controls, supporting SOX compliance.

CCPA

California law giving consumers rights over their personal data and how businesses use it.

CMMC

US framework for defense contractors to protect controlled unclassified information.

Cyber Essentials Plus

UK certification validating strong cybersecurity controls through independent technical testing.

Essential 8

Australian framework outlining eight key strategies to mitigate cyber threats.

C5

German cloud security standard focused on security, transparency, and compliance.

CSA STAR

Cloud security assurance program assessing cloud providers against best practices.

Bill 64 / Law 25

Quebec privacy law strengthening data protection and accountability requirements.

POPI Act

South African law regulating how personal information is processed and protected.

NIST 800-53

Comprehensive catalog of security and privacy controls for federal systems and beyond.

NIST 800-171

Security requirements for protecting controlled unclassified information (CUI) in non-federal systems.

NIST CSF 2.0

Framework for managing cybersecurity risk across identify, protect, detect, respond, and recover functions.

NIS2 Directive

EU directive strengthening cybersecurity requirements for critical and digital service providers.

EU AI Act

Regulates AI systems based on risk levels, focusing on safety, transparency, and accountability.

DORA

EU regulation ensuring financial institutions can withstand and recover from ICT disruptions.

TISAX

Automotive industry standard for information security and data protection.

CIS Critical Security Controls

Prioritized set of cybersecurity actions to defend against common threats.

PIPL

China’s data protection law governing personal information processing and cross-border transfers.

COPPA

US law protecting the online privacy of children under 13.

GovRAMP

US program standardizing security requirements for cloud providers serving government agencies.

Cyber Resilience Act

The CRA aims to safeguard consumers and businesses by setting cybersecurity requirements for software and hardware products with digital elements placed on the EU market.

NEN 7510

NEN 7510 is the Dutch standard for information security in healthcare, providing a mandatory framework for protecting patient data across healthcare organizations and their vendors in the Netherlands.

Custom frameworks

Not seeing what you're looking for? Get in touch to learn more about how we can customize our platform to meet your compliance needs.
INTEGRATIONS

Plug into everything you already use.

Integrate Scytale with all your favorite tools, enabling even more automation, flexibility and continuous trust.

AWS

GCP

Azure

GitHub

Jira

Okta

Slack

+200 more

LOVED BY COMPLIANCE TEAMS

Don't just take our word for it.

See why GRC, security, and engineering leaders rate Scytale a G2 Leader.

RESOURCES

The compliance insights you need.

Learn more about Scytale and smarter GRC management.

START OWNING IT

Every framework.
One platform.

Add, map, and maintain 80+ security, privacy and AI frameworks from a single source of truth.