Compliance Frameworks
Map security findings to NIST, ISO 27001, SOC 2, HIPAA, and more.

The Compliance Dashboard showing framework selection and control status
Supported Frameworks
NIST SP 800-53
U.S. federal security controls for information systems
ISO 27001
International information security management standard
SOC 2
Service organization controls for trust services
HIPAA
Healthcare data security requirements
PCI DSS
Payment card industry data security standard
CIS Controls
Center for Internet Security benchmarks
How Compliance Mapping Works
VigilPrism automatically maps security audit findings to compliance framework controls:
1. Run Security Audit - Agent performs 55-60+ security checks
2. Auto-Mapping - Findings are mapped to selected framework controls
3. Gap Analysis - See which controls are met, partial, or missing
4. Generate Reports - Export compliance reports for auditors
Understanding Compliance Status
Compliant - Control requirements fully met
Partial - Some control requirements met
Non-Compliant - Control requirements not met
Not Applicable - Control not relevant to this system
Example: Control Mapping
A firewall check maps to multiple framework controls:
{
  "check": "check_firewall_status",
  "result": "FAIL",
  "compliance_mappings": [
    {
      "framework": "NIST SP 800-53",
      "control": "SC-7",
      "description": "Boundary Protection"
    },
    {
      "framework": "ISO 27001",
      "control": "A.13.1.1",
      "description": "Network controls"
    },
    {
      "framework": "SOC 2",
      "control": "CC6.6",
      "description": "Boundary protection"
    }
  ]
}
Running Compliance Audits
Via Dashboard
Navigate to Compliance → select framework → Run Assessment
Via API
curl http://server:8000/api/v1/compliance/nist/status \
  -H "Authorization: Bearer $TOKEN"
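The gap analysis step from "How Compliance Mapping Works", applied to findings shaped like the control mapping example. This is an added example, not VigilPrism's own code. The roll-up rule (every mapped check passes = Compliant, some = Partial, none = Non-Compliant, any result other than PASS counts as not met), the extra check names, the AC-7 mapping and the "N/A" result value are assumptions.

```python
from collections import defaultdict

# Constructed sample findings in the page's JSON shape. check_firewall_status and
# its three mappings come from the page; the other check names, the AC-7 mapping
# and the "N/A" result value are hypothetical.
FW = [("NIST SP 800-53", "SC-7"), ("ISO 27001", "A.13.1.1"), ("SOC 2", "CC6.6")]

def finding(check, result, mappings):
    """Build one finding record with the keys used in the page's example."""
    return {"check": check, "result": result,
            "compliance_mappings": [{"framework": f, "control": c} for f, c in mappings]}

FINDINGS = [
    finding("check_firewall_status", "FAIL", FW),
    finding("check_firewall_default_deny", "PASS", [FW[0], FW[2]]),
    finding("check_account_lockout", "PASS", [("NIST SP 800-53", "AC-7")]),
    finding("check_wireless_firewall", "N/A", [FW[1]]),
]

def control_status(findings, framework):
    """Roll check results up to {control: (status, failing_checks)} for one framework."""
    by_control = defaultdict(list)
    for f in findings:
        for m in f.get("compliance_mappings", []):
            if m["framework"] == framework:
                by_control[m["control"]].append((f["check"], f["result"]))
    report = {}
    for control, checks in by_control.items():
        # Assumed "N/A" results are excluded, so they cannot mask a failure.
        applicable = [(c, r) for c, r in checks if r != "N/A"]
        # Fail closed: ERROR, TIMEOUT or any unknown result is treated as not met.
        failing = sorted(c for c, r in applicable if r != "PASS")
        if not applicable:
            status = "Not Applicable"
        elif not failing:
            status = "Compliant"
        elif len(failing) < len(applicable):
            status = "Partial"
        else:
            status = "Non-Compliant"
        report[control] = (status, failing)
    return report

if __name__ == "__main__":
    for fw in ("NIST SP 800-53", "ISO 27001", "SOC 2"):
        for control, (status, failing) in sorted(control_status(FINDINGS, fw).items()):
            print(f"{fw:15} {control:9} {status:14} {', '.join(failing)}")
```

The failing-check list per control is what an auditor-facing report would need alongside the status, since a Partial control is only actionable once the unmet checks are named.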