Compliance

Compliance Frameworks

ScruteX generates continuous compliance evidence across 31+ regulatory frameworks. Explore how our platform maps to your specific obligations.

Global

PCI DSS v4.0

How ScruteX Supports Payment Card Industry Data Security Standard Compliance

ISO 27001

How ScruteX Supports ISO 27001 Information Security Management System Compliance

SOC 2

How ScruteX Supports SOC 2 Type II Compliance

NIST CSF 2.0

How ScruteX Supports NIST CSF 2.0 Implementation

CSA STAR

How ScruteX Supports CSA STAR Certification

IEC 62443

How ScruteX Supports IEC 62443 Industrial Cybersecurity

IMDRF Cybersecurity Guidelines

How ScruteX Supports IMDRF Medical Device Cybersecurity Compliance

Europe & UK

GDPR / UK GDPR

How ScruteX Supports General Data Protection Regulation Compliance

DORA

How ScruteX Supports DORA Compliance for Financial Entities

NIS2 Directive

How ScruteX Supports NIS2 Directive Compliance

NCSC CAF

How ScruteX Supports NCSC CAF Compliance

United States

HIPAA / HITECH

How ScruteX Supports HIPAA and HITECH Compliance

NIST SP 800-53

How ScruteX Supports NIST SP 800-53 Security Controls

NIST SP 800-82

How ScruteX Supports NIST SP 800-82 for Industrial Control Systems

FISMA

How ScruteX Supports FISMA Compliance

FedRAMP

How ScruteX Supports FedRAMP Authorization

CMMC 2.0

How ScruteX Supports CMMC 2.0 Compliance for Defence Contractors

EO 14028

How ScruteX Supports EO 14028 Compliance

NYDFS Cybersecurity Regulation

How ScruteX Supports NYDFS Cybersecurity Regulation Compliance

CCPA / CPRA

How ScruteX Supports California Consumer Privacy Act Compliance

SOX IT General Controls

How ScruteX Supports Sarbanes-Oxley IT General Controls Compliance

Australia

APRA CPS 234

How ScruteX Supports APRA Prudential Standard CPS 234 Compliance

Cyber Security Act 2024

How ScruteX Supports Compliance with Australia's Cyber Security Act 2024

SOCI Act

How ScruteX Supports SOCI Act Compliance for Critical Infrastructure

ISM (Information Security Manual)

How ScruteX Supports ISM Compliance

Privacy Act / NDB Scheme

How ScruteX Supports Australian Privacy Act and NDB Scheme Compliance

My Health Records Act

How ScruteX Supports My Health Records Act Compliance

Asia-Pacific

MAS TRM Guidelines

How ScruteX Supports MAS Technology Risk Management Guidelines Compliance

PDPA (Singapore)

How ScruteX Supports Singapore PDPA Compliance

Financial Sector

SWIFT CSP

How ScruteX Supports SWIFT CSP Compliance

Healthcare

FDA Cybersecurity Guidance

How ScruteX Supports FDA Cybersecurity Requirements for Medical Devices

Frequently asked questions

Which compliance frameworks does ScruteX support?+

ScruteX provides continuous external evidence for SOC 2, ISO 27001, PCI DSS v4.0, GDPR, HIPAA, DORA, NIST CSF, APRA CPS 234, CPS 230, RBI Cyber Resilience Guidelines, FedRAMP, FISMA, CMMC 2.0, CSA STAR, NCSC CAF, SOCI Act, EO 14028, and more.

Does ScruteX replace a GRC or audit platform?+

No. ScruteX complements GRC tooling by generating the external, technical evidence auditors ask for (exposed assets, leaked credentials, misconfigurations, third-party exposure) so your team stops screenshotting scans by hand.

How is compliance evidence delivered?+

Evidence is exported as time-stamped PDF/CSV reports mapped to each control, with an audit trail of when the check ran and what changed since the last run.

How often is the compliance posture reassessed?+

Standard plans run monthly scheduled reports. Enterprise plans continuously reassess the posture, clear remediated findings automatically, and surface new exposure the moment it appears.