Authorised Economic Operator (AEO) Programmes - Global Standards

International (97+ countries)

vOngoing (WCO SAFE-based)

5 domains

36 controls

Authorised Economic Operator (AEO) programmes are globally implemented supply chain security and trade facilitation initiatives based on the WCO SAFE Framework. Over 97 countries operate AEO programmes. AEO status is granted to economic operators (importers, exporters, customs brokers, carriers, warehouse operators) that demonstrate compliance with customs requirements, financial solvency, and supply chain security standards. Mutual recognition arrangements (MRAs) between countries provide reciprocal AEO benefits. Key programmes include EU AEO, US C-TPAT, Japan AEO, China AEO, and Australia Trusted Trader.

Verified

Get the official standard — this page is an AI-assisted companion tool, not a replacement for the authoritative text.

Visit wcoomd.org

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (5)

AEO Eligibility and Compliance

15 controls

Eligibility, compliance, records, validation and governance conditions for AEO status.

Controls in the AEO Eligibility and Compliance domain of Authorised Economic Operator (AEO) Programmes - Global Standards — 15 controls
Code	Title	Description
AEO-1	AEO programme eligibility and legal basis	The AEO programme has a clear legal basis and defined eligibility criteria for operators in the international supply cha...
AEO-13	Self-assessment and internal audit	The operator conducts self-assessment and internal audit against the AEO criteria.
AEO-14	Customs procedures and declaration accuracy	Customs declarations and procedures are accurate and timely.
AEO-15	Mutual recognition arrangements	The AEO status is recognised under mutual recognition arrangements with partner administrations.
AEO-16	AEO validation and re-validation	AEO status is validated initially and re-validated periodically by Customs.
AEO-17	Notification of changes	The operator notifies Customs of material changes affecting its AEO status.
AEO-18	Trade facilitation benefits realisation	The operator realises and tracks the trade-facilitation benefits of AEO status.
AEO-19	Suspension, withdrawal and revocation	Procedures govern suspension, withdrawal and revocation of AEO status for non-compliance.
AEO-2	Customs compliance record	The operator demonstrates an appropriate record of compliance with customs and related legislation.
AEO-20	AEO governance and accountability	Governance and accountability arrangements oversee the operator's AEO obligations.
AEO-21	Customs broker and forwarder oversight	The operator oversees customs brokers and freight forwarders acting on its behalf.
AEO-22	Sanctions and restricted party screening	The operator screens parties against sanctions and restricted/denied party lists.
AEO-23	Documentation accuracy and tariff classification	Tariff classification, valuation and origin are determined and documented accurately.
AEO-3	Commercial and transport records system	The operator maintains a satisfactory system for managing commercial and, where appropriate, transport records.
AEO-4	Financial solvency	The operator demonstrates financial viability/solvency sufficient to fulfil its obligations.

AEO Security Requirements

8 controls

Security and safety requirements an AEO must meet across premises, cargo, personnel, IT and partners.

Controls in the AEO Security Requirements domain of Authorised Economic Operator (AEO) Programmes - Global Standards — 8 controls
Code	Title	Description
AEO-10	Security training and awareness	Personnel receive supply-chain security training and awareness.
AEO-11	Risk management and threat assessment	The operator assesses supply-chain security risks and threats and applies mitigations.
AEO-12	Crisis management and incident recovery	The operator has crisis-management and recovery procedures for security incidents.
AEO-5	Premises security and safety standards	Premises are secured against unauthorised access and intrusion (barriers, access control, lighting, monitoring).
AEO-6	Cargo security and conveyance integrity	Cargo and conveyances are protected against tampering, with seal integrity and inspection procedures.
AEO-7	Business partner security	Security requirements are imposed on and verified for business partners in the supply chain.
AEO-8	Personnel security	Personnel are screened, and access for departing employees is removed; insider-threat measures apply.
AEO-9	Information security and IT systems	Information and IT systems supporting the supply chain are protected (access control, backup, integrity).

WCO SAFE Pillar 1 - Customs-to-Customs

4 controls

SAFE Pillar 1 standards governing Customs-to-Customs network arrangements.

Controls in the WCO SAFE Pillar 1 - Customs-to-Customs domain of Authorised Economic Operator (AEO) Programmes - Global Standards — 4 controls
Code	Title	Description
P1-S1	Advance electronic information	Customs require advance electronic information on inbound, outbound and transit shipments to enable risk assessment.
P1-S2	Risk management	A consistent risk-management approach is used to identify high-risk consignments using advance information.
P1-S3	Outbound inspection	High-risk cargo and conveyances are inspected, preferably using non-intrusive detection equipment, at the request of the...
P1-S4	Mutual recognition (Customs-to-Customs)	Customs administrations cooperate and recognise each other's controls and AEO authorisations.

WCO SAFE Pillar 2 - Customs-to-Business

6 controls

SAFE Pillar 2 standards governing Customs-to-Business partnerships (the AEO programme).

Controls in the WCO SAFE Pillar 2 - Customs-to-Business domain of Authorised Economic Operator (AEO) Programmes - Global Standards — 6 controls
Code	Title	Description
P2-S1	Partnership programme (AEO)	Customs establish a partnership (AEO) programme with the private sector defining authorisation criteria and benefits.
P2-S2	Security standards	AEO applicants meet defined supply-chain security standards across the relevant areas.
P2-S3	Authorization and validation	Customs validate adherence to the security practices and grant AEO authorisation accordingly.
P2-S4	Technology utilization	Appropriate technology is used to secure and monitor the supply chain (e.g. seals, tracking, NII).
P2-S5	Communication	Customs and AEOs maintain regular communication, including on security incidents and programme changes.
P2-S6	Trade facilitation benefits	AEOs receive tangible trade-facilitation benefits (e.g. fewer inspections, priority treatment, simplified procedures).

WCO SAFE Pillar 3 - Customs-to-Government

3 controls

SAFE Pillar 3 standards governing Customs-to-other-Government-agencies cooperation.

Controls in the WCO SAFE Pillar 3 - Customs-to-Government domain of Authorised Economic Operator (AEO) Programmes - Global Standards — 3 controls
Code	Title	Description
P3-S1	Inter-agency cooperation	Customs cooperate with other government agencies on supply-chain security and facilitation.
P3-S2	Single window facilitation	A single-window environment allows traders to submit information once to fulfil border-regulatory requirements.
P3-S3	Data sharing	Customs and government agencies share relevant data to support security and facilitation, with appropriate safeguards.

Your Compliance Coverage

If you comply with Authorised Economic Operator (AEO) Programmes - Global Standards, you already cover:

NIST Cybersecurity Framework 2.0

25%

9 controls mapped

Compare →

NIST SP 800-171A Rev 3 - Assessing CUI Security Requirements

19%

7 controls mapped

Compare →

NIST SP 800-53 Rev 5

19%

7 controls mapped

Compare →

+ 175 more: ISO 28001:2007 Supply Chain Security Management (17%), FBI CJIS Security Policy (17%)

See all 178 mapped frameworks ↓

Maps to 178 other frameworks

36 total controls

NIST Cybersecurity Framework 2.0

9 source controls mapped|10 target controls covered

25%

NIST SP 800-171A Rev 3 - Assessing CUI Security Requirements

7 source controls mapped|6 target controls covered

19%

NIST SP 800-53 Rev 5

7 source controls mapped|12 target controls covered

19%

ISO 28001:2007 Supply Chain Security Management

6 source controls mapped|5 target controls covered

17%

FBI CJIS Security Policy

6 source controls mapped|3 target controls covered

17%

ISO/IEC 23894:2023

6 source controls mapped|10 target controls covered

17%

ICAO Annex 17 - Aviation Security (AVSEC)

5 source controls mapped|3 target controls covered

14%

NIST Privacy Framework

5 source controls mapped|4 target controls covered

14%

ISO 15189:2022 - Medical Laboratories Requirements for Quality and Competence

5 source controls mapped|4 target controls covered

14%

NIST SP 1800-32

5 source controls mapped|4 target controls covered

14%

APRA CPS 230 Operational Risk Management

5 source controls mapped|6 target controls covered

14%

ISO 27019

5 source controls mapped|5 target controls covered

14%

AS9100D:2016 - Quality Management Systems for Aviation, Space, and Defence

5 source controls mapped|5 target controls covered

14%

AS9100D - Aerospace Quality Management System

5 source controls mapped|7 target controls covered

14%

ISO/IEC 27003:2017

5 source controls mapped|7 target controls covered

14%

IEC 62443

5 source controls mapped|5 target controls covered

14%

Annex 11 to EU GMP - Computerised Systems

5 source controls mapped|2 target controls covered

14%

API 1164

5 source controls mapped|5 target controls covered

14%

NIST AI Risk Management Framework (AI RMF 1.0)

5 source controls mapped|6 target controls covered

14%

C-TPAT - Customs-Trade Partnership Against Terrorism

5 source controls mapped|5 target controls covered

14%

UK Gambling Commission - Cyber Resilience Requirements

4 source controls mapped|1 target controls covered

11%

PAS 1192-5:2015 - Security-Minded Approach to BIM and Digital Built Environments

4 source controls mapped|1 target controls covered

11%

ISO/IEC 27010:2015

4 source controls mapped|2 target controls covered

11%

UK FCA/PRA Operational Resilience Framework

4 source controls mapped|2 target controls covered

11%

SASB Standards

4 source controls mapped|2 target controls covered

11%

PIC/S Guide to Good Manufacturing Practice for Medicinal Products

4 source controls mapped|2 target controls covered

11%

ICH Q10 - Pharmaceutical Quality System

4 source controls mapped|2 target controls covered

11%

French Sapin II Law (Law No. 2016-1691)

4 source controls mapped|2 target controls covered

11%

ISO/IEC 27011:2024

4 source controls mapped|2 target controls covered

11%

ISO 41001:2018 - Facility Management Systems

4 source controls mapped|3 target controls covered

11%

ISO 39001:2012 - Road Traffic Safety Management

4 source controls mapped|3 target controls covered

11%

ISO 22313:2020 - Guidance on Business Continuity Management Systems

4 source controls mapped|3 target controls covered

11%

CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0

4 source controls mapped|3 target controls covered

11%

ISO 20400:2017 - Sustainable Procurement

4 source controls mapped|4 target controls covered

11%

ISO/IEC 27006:2024

4 source controls mapped|2 target controls covered

11%

ISO/IEC 17025:2017 - General Requirements for Testing and Calibration Laboratories

4 source controls mapped|2 target controls covered

11%

ISO 13485

3 source controls mapped|3 target controls covered

ISO 27799

3 source controls mapped|3 target controls covered

TISAX - Trusted Information Security Assessment Exchange

3 source controls mapped|1 target controls covered

SA8000:2014 - Social Accountability Standard

3 source controls mapped|1 target controls covered

BRCGS Global Standard for Food Safety Issue 9

3 source controls mapped|1 target controls covered

Automotive SPICE (ASPICE) v4.0 - Process Assessment Model

3 source controls mapped|1 target controls covered

ISO 22318

3 source controls mapped|1 target controls covered

Space ISAC (Information Sharing and Analysis Center) - Threat Framework

3 source controls mapped|1 target controls covered

NIST SP 800-124 Revision 2 - Guidelines for Managing the Security of Mobile Devices

3 source controls mapped|1 target controls covered

BREEAM - Building Research Establishment Environmental Assessment Method

3 source controls mapped|1 target controls covered

21 CFR Part 211 - Current Good Manufacturing Practice

3 source controls mapped|1 target controls covered

ISO 22317

3 source controls mapped|1 target controls covered

ISO 26000:2010

3 source controls mapped|1 target controls covered

ISO 22316

3 source controls mapped|1 target controls covered

IAIS Insurance Core Principles (ICPs)

3 source controls mapped|5 target controls covered

Virginia CDPA

3 source controls mapped|3 target controls covered

Vietnam PDPD

3 source controls mapped|2 target controls covered

Uruguay DPL

3 source controls mapped|2 target controls covered

UK GDPR (UK General Data Protection Regulation)

3 source controls mapped|2 target controls covered

Texas Data Privacy Act

3 source controls mapped|2 target controls covered

Taiwan PDPA

3 source controls mapped|3 target controls covered

Qatar DPL

3 source controls mapped|3 target controls covered

POPIA

3 source controls mapped|3 target controls covered

PDPA Thailand

3 source controls mapped|3 target controls covered

PDPA Singapore

3 source controls mapped|3 target controls covered

South Korea PIPA

3 source controls mapped|3 target controls covered

Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (UAE PDPL)

3 source controls mapped|3 target controls covered

Azure Security Benchmark

3 source controls mapped|3 target controls covered

Barbados Data Protection Act 2019

3 source controls mapped|3 target controls covered

Bahrain PDPL

3 source controls mapped|3 target controls covered

SSAE 18 - Attestation Standards (SOC Reporting)

3 source controls mapped|6 target controls covered

Aged Care Quality Standards (Australia)

2 source controls mapped|2 target controls covered

Vermont Artificial Intelligence and Consumer Data Act (AICDA)

2 source controls mapped|1 target controls covered

USMCA Chapter 19 - Digital Trade (United States-Mexico-Canada Agreement)

2 source controls mapped|1 target controls covered

OWASP Top 10 for LLM Applications 2025

2 source controls mapped|1 target controls covered

OWASP DevSecOps Maturity Model (DSOMM)

2 source controls mapped|2 target controls covered

Ontario Accessibility for Ontarians with Disabilities Act (AODA) - IASR Web Standard

2 source controls mapped|1 target controls covered

OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (2023 Update)

2 source controls mapped|1 target controls covered

NIST SP 800-82 Revision 3: Guide to Industrial Control Systems (ICS) Security

2 source controls mapped|1 target controls covered

NIS2 Directive

2 source controls mapped|3 target controls covered

NERC CIP

2 source controls mapped|1 target controls covered

NATO AQAP 2110 - Quality Assurance Requirements for Design, Development, and Production

2 source controls mapped|3 target controls covered

Modern Slavery Act 2018 (Australia)

2 source controls mapped|2 target controls covered

IRM Enterprise Risk Management Framework (Institute of Risk Management)

2 source controls mapped|1 target controls covered

IEEE 1686

2 source controls mapped|3 target controls covered

IATF 16949:2016 - Quality Management System for Automotive Production

2 source controls mapped|1 target controls covered

IAEA Nuclear Security Series - Computer Security at Nuclear Facilities (NSS-17-T Rev 1)

2 source controls mapped|1 target controls covered

GS1 Global Standards - Supply Chain Traceability and Data Security

2 source controls mapped|2 target controls covered

GLOBALG.A.P. Integrated Farm Assurance (IFA) Standard v6

2 source controls mapped|1 target controls covered

German Supply Chain Due Diligence Act (LkSG)

2 source controls mapped|2 target controls covered

GAMP 5 - Good Automated Manufacturing Practice

2 source controls mapped|1 target controls covered

FedRAMP Rev 5

2 source controls mapped|1 target controls covered

FDA Quality Management System Regulation (QMSR)

2 source controls mapped|1 target controls covered

Bermuda Monetary Authority (BMA) Cyber Risk Management Code of Conduct

2 source controls mapped|1 target controls covered

DAMA-DMBOK2 - Data Management Body of Knowledge (2nd Edition)

2 source controls mapped|2 target controls covered

APPI

2 source controls mapped|2 target controls covered

ISO 22739:2024 - Blockchain and Distributed Ledger Technologies Vocabulary

2 source controls mapped|4 target controls covered

TSA Pipeline Cybersecurity Directives

2 source controls mapped|2 target controls covered

AWWA Cybersecurity Guidance for the Water Sector (American Water Works Association)

2 source controls mapped|3 target controls covered

ISO 27018

2 source controls mapped|2 target controls covered

FFIEC Cybersecurity Assessment Tool (CAT)

2 source controls mapped|3 target controls covered

NIST SP 800-190

2 source controls mapped|2 target controls covered

BSI IT-Grundschutz

2 source controls mapped|4 target controls covered

ISO 27017

2 source controls mapped|2 target controls covered

AWS Well-Architected Security Pillar

2 source controls mapped|2 target controls covered

GDPR

2 source controls mapped|2 target controls covered

UK AI Regulation Framework

2 source controls mapped|1 target controls covered

SEC Climate Disclosure Rule

2 source controls mapped|1 target controls covered

ISO/IEC 27557:2022 - Organisational Privacy Risk Management

2 source controls mapped|7 target controls covered

EASA Part-IS - Information Security in Aviation

2 source controls mapped|5 target controls covered

AML/CTF Act 2006 (Australia)

2 source controls mapped|2 target controls covered

ISO 27005

2 source controls mapped|6 target controls covered

ISO 31000

2 source controls mapped|6 target controls covered

APRA SPS 220 Risk Management (Superannuation)

2 source controls mapped|4 target controls covered

ISO 27017:2015

1 source controls mapped|1 target controls covered

ISO 27701:2019

1 source controls mapped|1 target controls covered

Protective Security Policy Framework (PSPF) Release 2024

1 source controls mapped|1 target controls covered

NIST SP 800-66

1 source controls mapped|1 target controls covered

MDS2 (Medical Device)

1 source controls mapped|1 target controls covered

MARS-E

1 source controls mapped|1 target controls covered

FDA 21 CFR Part 11

1 source controls mapped|1 target controls covered

Own Risk and Solvency Assessment (ORSA) - NAIC Model Act

1 source controls mapped|1 target controls covered

IFRS 17 - Insurance Contracts

1 source controls mapped|1 target controls covered

Peru DPL

1 source controls mapped|1 target controls covered

Latvia Personal Data Processing Law (Fizisko personu datu apstrades likums, 2018)

1 source controls mapped|1 target controls covered

ISO 8000 - Data Quality

1 source controls mapped|1 target controls covered

COSO Internal Control - Integrated Framework (2013)

1 source controls mapped|2 target controls covered

ISO/IEC 42001:2023

1 source controls mapped|1 target controls covered

ISO 31000:2018

1 source controls mapped|1 target controls covered

ISO 27005:2022

1 source controls mapped|1 target controls covered

ISO 10006:2003

1 source controls mapped|1 target controls covered

SLSA

1 source controls mapped|1 target controls covered

Sigstore - Software Artifact Signing and Verification

1 source controls mapped|1 target controls covered

SIG (Shared Assessments)

1 source controls mapped|1 target controls covered

Secure by Design: A Guide for Manufacturers (CISA)

1 source controls mapped|1 target controls covered

PTES

1 source controls mapped|1 target controls covered

OWASP SAMM

1 source controls mapped|1 target controls covered

NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information (CUI)

1 source controls mapped|3 target controls covered

IEC 62351 - Power Systems Communication Security

1 source controls mapped|1 target controls covered

ISO 27043

1 source controls mapped|1 target controls covered

ISO/SAE 21434

1 source controls mapped|1 target controls covered

ASD Strategies to Mitigate Cyber Security Incidents

1 source controls mapped|2 target controls covered

ISO/IEC 27400:2022

1 source controls mapped|1 target controls covered

ISO 19650 - Organisation and Digitisation of Information about Buildings and Civil Engineering Works (BIM)

1 source controls mapped|1 target controls covered

3GPP 5G Security Architecture (TS 33.501)

1 source controls mapped|2 target controls covered

SOC 2

1 source controls mapped|2 target controls covered

Regional Comprehensive Economic Partnership (RCEP) - E-Commerce Chapter

1 source controls mapped|1 target controls covered

Azerbaijan Law on Personal Data (2010)

1 source controls mapped|1 target controls covered

Armenia Law on Protection of Personal Data (2015)

1 source controls mapped|1 target controls covered

Albania Law on Protection of Personal Data (Law No. 9887, 2008, amended 2014)

1 source controls mapped|1 target controls covered

Australian Privacy Principles (APPs)

1 source controls mapped|1 target controls covered

PSD2 SCA

1 source controls mapped|2 target controls covered

ISO 22320:2018

1 source controls mapped|1 target controls covered

IEC 60601-1 - Medical Electrical Equipment Safety

1 source controls mapped|3 target controls covered

FFIEC IT Examination Handbook

1 source controls mapped|3 target controls covered

BS 65000:2014 - Guidance on Organizational Resilience

1 source controls mapped|2 target controls covered

ISO/IEC 23837 - Security Requirements for Quantum Key Distribution

1 source controls mapped|2 target controls covered

APRA CPS 234

1 source controls mapped|3 target controls covered

IEC 62304:2015 Medical Device Software Lifecycle Processes

1 source controls mapped|3 target controls covered

ISO 37000:2021 - Governance of Organizations

1 source controls mapped|2 target controls covered

ISO/IEC 38500:2024 - Governance of IT

1 source controls mapped|1 target controls covered

PCI SSF

1 source controls mapped|3 target controls covered

PCI PIN Security

1 source controls mapped|3 target controls covered

PCI P2PE

1 source controls mapped|3 target controls covered

UNICEF Policy Guidance on AI for Children (2021)

1 source controls mapped|1 target controls covered

UNESCO Recommendation on the Ethics of AI

1 source controls mapped|1 target controls covered

ISO 26262:2018 - Functional Safety for Road Vehicles

1 source controls mapped|1 target controls covered

ISO/IEC 29134:2023

1 source controls mapped|3 target controls covered

ISO/IEC 27014:2020

1 source controls mapped|2 target controls covered

ISO/IEC 27031:2011

1 source controls mapped|1 target controls covered

NFPA 1600 - Standard on Continuity, Emergency, and Crisis Management

1 source controls mapped|1 target controls covered

ISO 45001

1 source controls mapped|1 target controls covered

ISO 22000

1 source controls mapped|1 target controls covered

ASIS SPC.1-2009 - Organizational Resilience Standard

1 source controls mapped|1 target controls covered

ISO/IEC 29147:2018

1 source controls mapped|1 target controls covered

FedRAMP High

1 source controls mapped|1 target controls covered

NIST SP 800-53 Revision 5.1 HIGH

1 source controls mapped|1 target controls covered

FedRAMP Moderate

1 source controls mapped|1 target controls covered

NIST SP 800-53 Rev 5 MODERATE

1 source controls mapped|1 target controls covered

NIST SP 800-53 Rev 5 LOW

1 source controls mapped|1 target controls covered

SANS Incident Handler's Handbook and PICERL Methodology

1 source controls mapped|1 target controls covered

AICPA Privacy Management Framework (PMF)

1 source controls mapped|1 target controls covered

Compare Authorised Economic Operator (AEO) Programmes - Global Standards with NIST Cybersecurity Framework 2.0

Frequently Asked Questions

What is Authorised Economic Operator (AEO) Programmes - Global Standards?

Authorised Economic Operator (AEO) Programmes - Global Standards is a compliance framework from International (97+ countries) with 5 domains and 36 controls. Authorised Economic Operator (AEO) programmes are globally implemented supply chain security and trade facilitation initiatives based on the WCO SAFE Framework. Over 97 countries operate AEO programmes. AEO status is granted to economic operators (importers, exporters, customs brokers, carriers, warehouse operators) that demonstrate compliance with customs requirements, financial solvency, and supply chain security standards. Mutual recognition arrangements (MRAs) between countries provide reciprocal AEO benefits. Key programmes include EU AEO, US C-TPAT, Japan AEO, China AEO, and Australia Trusted Trader. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does Authorised Economic Operator (AEO) Programmes - Global Standards have?

Authorised Economic Operator (AEO) Programmes - Global Standards has 36 controls organised across 5 domains. The largest domains are AEO Eligibility and Compliance (15 controls), AEO Security Requirements (8 controls), WCO SAFE Pillar 2 - Customs-to-Business (6 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does Authorised Economic Operator (AEO) Programmes - Global Standards map to?

Authorised Economic Operator (AEO) Programmes - Global Standards maps to 178 other compliance frameworks. The top mapping partners are NIST Cybersecurity Framework 2.0 (25% coverage), NIST SP 800-171A Rev 3 - Assessing CUI Security Requirements (19% coverage), NIST SP 800-53 Rev 5 (19% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with Authorised Economic Operator (AEO) Programmes - Global Standards compliance?

Start your Authorised Economic Operator (AEO) Programmes - Global Standards compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about Authorised Economic Operator (AEO) Programmes - Global Standards requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 36 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.

Get Started Free →

Free forever — no credit card required