Custom compliance frameworks

Achieve any compliance goals with our custom frameworks to suit any requirements

soc2-explained-video-cover
SOC 2 STANDARD

Is this the year you grow with SOC 2?

There’s no better standard to baseline your information security and earn trust with a broad customer base.

AssuranceLab is a registered CPA and CA firm ready to help you earn trust with SOC 2 in the US and globally.

We provide end-to-end readiness and audit services, with a cloud-native and agile approach that enables you to work at your own pace.

alab-network-countries-and-employees

You’re in great company. We work with hundreds of fast-growing software companies across 13 countries, ranging in size from 2 to 26,000 employees.

alab-network-countries-and-employees-1

We work with more than 800 fast-growing companies across 30+ countries, ranging in size from 2 to 26,000+ employees.

CUSTOM FRAMEWORKS

Do you have specific

compliance goals?

Pillar's sophisticated data model allows us to build custom frameworks quickly to suit any requirements

AssuranceLab has built dozens of frameworks ready to help you earn and maintain trust with your customers globally.

Whether you want to satisfy specific regulations, bespoke customer requirements, or any other nuanced compliance goals, we can build and deploy custom frameworks in Pillar and Drata to demonstrate your compliance and enable continuous monitoring.

alab-soc2-image
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital
  • Vital

THE PROCESS

Four Steps to Custom Frameworks

left arrow right arrow
alab-choice-of-goalposts-icon

Requirement Gathering

Let us know what regulation, standard or other specific requirements you have and what you need to do with it. We'll assess those requirements to provide a quote on building the custom framework(s) for you. We do that in a way that's compatible with our audits, and the Pillar and Drata platforms, so you can demonstrate your compliance and continue to monitor it.

alab-multi-standard-compliance-icon

Framework Build

We will build the framework by translating the standard, regulation or specific requirements into a digital form and mapping the relevant controls to satisfy those requirements.

Deploy

Deploy

We implement the framework in Pillar, Drata or another agreed method so that you can live track your controls, any applicable audits, and other information against the requirements of the framework.

alab-customer-confort-and-trust-icon

Audits

We can conduct audits that provide trust-building verification of your compliance with the custom framework. This can include an attestation report that demonstrates your compliance to customers and other stakeholders with detail on how you meet those specific requirements.

Ready to get started on your compliance journey?

FAQ

Your questions answered

What qualifies for a custom framework?

We can really build anything as a custom framework. Obviously it should be driven by a specific purpose or compliance goal that you have. That might be satisfying a specific customers' requirements, a regulation that we don't already cover in our audits, or even just for internal risk or operating control purposes. We just need a clear view of what is or should be part of that framework in order to build it in a digital form with the right corresponding controls.

What can we do with a custom framework?

In most cases, you'll use the custom framework to show stakeholders how you meet that framework. For example, if your customer has specific requirements for you to adhere to, we can build that custom framework and map your actual business activities (controls) to it to demonstrate how you meet those requirements. That may be just showing that mapping and your monitoring of those controls, or you may conduct an audit to verify your compliance and provide a report to your stakeholders to prove your compliance with that independent validation. 

Are these frameworks compatible with compliance platforms?

Yes. If you use Drata that allows custom frameworks, we can provide it in a format to import there for continuous monitoring of your compliance with the framework.

What custom frameworks have been built before?

For other clients previously, we have built:

  • The Commonwealth Bank of Australia's Tier 1 vendor governance requirements;
  • The Australian and New Zealand Privacy Principles
  • Essential 8
  • APRA's CPS 234
  • CDR Representatives to suit the specific requirements of our CDR Principle partners

OUR STANDARDS

Earn trust with other leading standards

alab-soc2-audit-01-icon
alab-soc2-audit-02-icon
alab-iso-27001-icon

SOC 1

SOC 2

ISO 27001

Demonstrate your security, and reliability and support regulatory compliance for large publicly listed customers with this AICPA report. Learn more.

alab-iso-27001-icon

ISO 42001

International standard for the safe and reliable development and implementation of Artificial Intelligence Management Systems. Learn more.

Trust services criteria to satisfy global customers for security, availability, confidentiality, privacy and processing integrity. Learn more.

alab-csa-star-icon

CSA STAR

A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register. Learn more.

An international framework to apply a structured and best practice methodology for managing information security. Learn more.

alab-cdr-icon

Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation. Learn more.

alab-esg-icon
alab-gdpr-icon-1
audit-frameworkds-icon-alab

ESG Reporting

GDPR

CCPA/CPRA

A flexible framework to report up to 500+ positive impact activities supporting environmental, social and governance (ESG) objectives. Learn more.

differentiation-icon

GS 007

Demonstrate your compliance with investment mandates and appropriate registry, administration and custody activities. Learn more.

GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally. Learn more.

alab-hipaa-icon

HIPAA

The global standard for proving secure handling of electronic protected health information (ePHI).
Learn more.

Regulates how businesses all over the world are allowed to handle the personal information (PI) of California residents. Learn more.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

Get started your way

We’re ready when you are