SOC 2 Type II — Aligned
Scope: Security, Availability, Confidentiality
Controls designed against the AICPA Trust Services Criteria. Readiness package available under NDA.
Request readiness package Compliance
Designed around the frameworks your team has to prove.
Every framework below ships with a readiness or alignment package your auditor will ask for. "Aligned" means our controls map to the framework's requirements; "In Process" means formal assessment is underway with a target ATO or certification date.
Designed around the frameworks your auditor will ask about
SOC 2 Type II · Aligned
ISO 27001 Aligned
ISO 27701 Aligned
HIPAA Aligned
FedRAMP Moderate · In Process
CJIS Aligned
Frameworks
Six frameworks, one evidence pipeline.
ISO 27001 — Aligned
Scope: Information security management system (ISMS)
Aligned to the ISO 27001 Annex A control set. Statement of Applicability available under NDA.
Request SoAHIPAA — Aligned
Scope: Administrative, physical, and technical safeguards for PHI
BAA available on Enterprise and Government plans. Annual HIPAA risk assessment performed against the Security Rule.
Request HIPAA packageISO 27701 — Aligned
Scope: Privacy information management (PIMS) extending ISO 27001
Aligned to ISO 27701 Annex A and Annex B controls. Mapping available under NDA.
Request ISO 27701 mappingFedRAMP Moderate — In Process
Scope: US federal information systems
In Process. Sponsoring agency: confidential. ATO target: 2026-Q4.
Request FedRAMP statusCJIS — Aligned
Scope: Criminal justice information services policy
Government plan operates in a CJIS-aligned enclave with US-citizen-only personnel.
Request CJIS packageNeed a control mapping for a framework not listed?
We map to ~20 frameworks behind the scenes. Tell us which one and we'll send the evidence package.