CyRAACS-logo-black-Orignal

Stay Compliant

Compliance Challenges

Compliance to multiple Standards and Frameworks
Continuous Audits - Requirements from Customers and Investors
Increased Regulatory Scrutiny
No single view of Risks and Security posture
Tracking Issues from Assessments and Audits
Tracking Exceptions to Security Requirements

Why COMPASS?

COMPASS can help you manage multiple compliance requirements in a single portal. COMPASS allows you to build custom frameworks based on your business and compliance requirements.
COMPASS provides complete visibility into your security controls, a clear understanding of your compliance posture, and actionable recommendations to remediate issues, without any clutter.

COMPASS Capabilities

COMPASS-Capabilities-cyraacs-features-outcomes

MODULES

Standard Assessments
Assessments against
any standard, framework
and regulation
Risk Assessments
Risk Register, Risk and Control Mapping and Risk Treatment
Issues Management
Framework, Issue Tracking and Exception Management

Reporting

Custom Templates, Comprehensive Reports
Control Libraries
ISO 27001, SOC 2, CSA STAR, ISO 27017, ISO 27018 etc.

CONTROL LIBRARIES

15+ Frameworks built to help you achieve and maintain compliance faster
Build your own Custom Framework to align to your business and compliance needs
NISTSOCRBI-logoSEBI-logoCSA-logoISO27017-2015ISO27018-2019

Global Standards and Frameworks

ISO 27001:2013
SOC
SOC2 Type 2 SSAE 2018
NIST-logo
NIST 800-53 rev5
NIST-logo
NIST CSF

CSA-logo
CSA STAR

ITGC
IT General Controls
ISO 27001:2022
ISO-27017-2015
ISO 27017:2015
ISO-27018-2019
ISO 27018:2019
ISO-27701
ISO 27701:2019

Indian Financial Regulatory Requirements

RBI-logo
RBI Master Direction - IT Framework for NBFC

RBI-logo
RBI IT Governance, Risk, Controls and Assurance Practices
RBI-logo
RBI Requirements on
Storage of Payment Systems Data
UPI
UPI IS Audit Requirements
RBI-logo
RBI NPA Requirements
SEBI-logo
SEBI System Audit Requirements
RBI-logo
RBI E-sign Requirements


RBI-logo
SAR – IS Audit
Payment System – 1325

RBI-logo
SAR – IS Audit Payment System 1325 + Account Aggregator

MODULES AND FEATURES

Standard Assessments

Stay Compliant with multiple frameworks
Monitor compliance towards commonly known frameworks like ISO, NIST, SOC 2, CSA STAR, and custom frameworks from a single Portal
Assign Controls to Specific Owners
Review Control Responses and Artefacts in a Single Place
Track Assessment status through Intelligent Workflows and Notifications
Obtain detailed recommendations for achieving Compliance
Conduct Validation Assessments to assess improvement in Compliance
Obtain Comprehensive Reports for Assessments

Risk Assessment

Single View of Information Security Risks
Built around the framework provided by NIST SP 800-30 Guide for Conducting Risk Assessments
Track and monitor your Information Security risks across Business Processes, Information Systems, Employees and Vendors
Develop your own Scoring Model based on your business needs
Identify your Risk Appetite
Assess your Risks and related Controls Effectiveness
Develop Risk Treatment Plan, and assign and track mitigation tasks

Issue Management

Track Critical Issues and Exceptions
Develop your own Framework to Log Issue Types, Ratings and Timelines for Closure
Assign Owners, Approvers and Followers for Issues
Track Progress through Workflows and Notifications
Enable Notifications for Overdue Issues
Add Exceptions, obtain Approvals and Track Closure

Reporting

Build Comprehensive and Custom Reports
Use Built-in and easy to use Templates for all Control Frameworks
Comprehensive Reports
Create Unified reports for multiple frameworks
Build your own custom templates based on your Compliance needs
© COPYRIGHT 2023, ALL RIGHTS RESERVED
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram