Back to Frameworks
NABERS — National Australian Built Environment Rating System
Australia
v2024
5 domains
15 controls
NABERS (National Australian Built Environment Rating System) is an Australian Government initiative that measures the environmental performance of buildings, tenancies, and homes. Ratings cover energy, water, waste, and indoor environment on a 1-6 star scale. NABERS Energy ratings are mandatory for commercial office buildings over 1,000m2 in Australia under the Commercial Building Disclosure (CBD) programme. Over 80% of Australian office space is NABERS rated. Managed by the NSW Department of Climate Change, Energy, the Environment and Water.
Verified
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (5)
Building Types
4 controls
| Code | Title |
|---|---|
| NABERS-BT-1 | Office Ratings |
| NABERS-BT-2 | Shopping Centre Ratings |
| NABERS-BT-3 | Data Centre Ratings |
| NABERS-BT-4 | Hotel and Apartment Ratings |
Energy Rating
3 controls
| Code | Title |
|---|---|
| NABERS-EN-1 | Base Building Energy |
| NABERS-EN-2 | Tenancy Energy |
| NABERS-EN-3 | Whole Building Energy |
Indoor Environment Quality
4 controls
| Code | Title |
|---|---|
| NABERS-IEQ-1 | Air Quality |
| NABERS-IEQ-2 | Acoustic Comfort |
| NABERS-IEQ-3 | Lighting Quality |
| NABERS-IEQ-4 | Thermal Comfort |
Waste Rating
2 controls
| Code | Title |
|---|---|
| NABERS-WS-1 | Building Waste |
| NABERS-WS-2 | Waste Diversion Rate |
Water Rating
2 controls
| Code | Title |
|---|---|
| NABERS-WA-1 | Base Building Water |
| NABERS-WA-2 | Tenancy Water |
Maps to 175 other frameworks
15 total controls
EU Taxonomy Regulation (Regulation 2020/852)
4 source controls mapped|2 target controls covered
27%
EU Taxonomy Regulation
4 source controls mapped|2 target controls covered
27%
ISO 56002
3 source controls mapped|3 target controls covered
20%
ISO 41001:2018 — Facility Management Systems
3 source controls mapped|3 target controls covered
20%
ISO 39001:2012 — Road Traffic Safety Management
3 source controls mapped|3 target controls covered
20%
ISO 37002:2021 — Whistleblowing Management Systems
3 source controls mapped|3 target controls covered
20%
ISO 50001:2018 — Energy Management Systems
3 source controls mapped|3 target controls covered
20%
ISO 22313:2020 — Guidance on Business Continuity Management Systems
3 source controls mapped|3 target controls covered
20%
LEED v4.1 — Green Building Rating System (US Green Building Council)
3 source controls mapped|2 target controls covered
20%
TCFD Recommendations
3 source controls mapped|1 target controls covered
20%
GRI Standards
3 source controls mapped|1 target controls covered
20%
GHG Protocol
3 source controls mapped|1 target controls covered
20%
ISSB Standards
3 source controls mapped|1 target controls covered
20%
ISO 14001
3 source controls mapped|1 target controls covered
20%
CSRD
3 source controls mapped|1 target controls covered
20%
EU SFDR (Sustainable Finance Disclosure Regulation)
3 source controls mapped|1 target controls covered
20%
Security of Critical Infrastructure Act 2018 (SOCI)
3 source controls mapped|1 target controls covered
20%
IEC 62351 — Power Systems Communication Security
3 source controls mapped|1 target controls covered
20%
IEEE 1686
1 source controls mapped|3 target controls covered
7%
FIRST CSIRT Services Framework and Standards
1 source controls mapped|1 target controls covered
7%
MITRE D3FEND
1 source controls mapped|1 target controls covered
7%
BSIMM
1 source controls mapped|1 target controls covered
7%
EIOPA Guidelines on ICT Security and Governance (2020)
1 source controls mapped|2 target controls covered
7%
ISO 27019
1 source controls mapped|3 target controls covered
7%
BIMCO Cyber Security
1 source controls mapped|3 target controls covered
7%
MITRE ATT&CK
1 source controls mapped|1 target controls covered
7%
EU Critical Raw Materials Act (Regulation (EU) 2024/1252)
1 source controls mapped|1 target controls covered
7%
APRA CPS 234
1 source controls mapped|1 target controls covered
7%
ISO 22320:2018
1 source controls mapped|1 target controls covered
7%
AWWA Cybersecurity Guidance for the Water Sector (American Water Works Association)
1 source controls mapped|3 target controls covered
7%
CISA ICS-CERT Advisories and Industrial Control Systems Security Guidelines
1 source controls mapped|3 target controls covered
7%
ISO 22316
1 source controls mapped|2 target controls covered
7%
ISMAP (Japan)
1 source controls mapped|1 target controls covered
7%
IMO Maritime Cybersecurity Guidelines (MSC-FAL.1/Circ.3/Rev.2)
1 source controls mapped|2 target controls covered
7%
MTCS (Singapore)
1 source controls mapped|1 target controls covered
7%
OWASP ASVS
1 source controls mapped|1 target controls covered
7%
API 1164
1 source controls mapped|3 target controls covered
7%
US Maritime Transportation Security Act (MTSA) and USCG Cybersecurity Requirements
1 source controls mapped|1 target controls covered
7%
IEC 62443
1 source controls mapped|3 target controls covered
7%
DO-326A
1 source controls mapped|3 target controls covered
7%
Singapore Government Instruction Manual on ICT&SS Management (IM8)
1 source controls mapped|2 target controls covered
7%
ASD Strategies to Mitigate Cyber Security Incidents
1 source controls mapped|3 target controls covered
7%
ISO/IEC 27031:2011
1 source controls mapped|3 target controls covered
7%
CSA STAR (Security, Trust, Assurance, and Risk)
1 source controls mapped|3 target controls covered
7%
UK Defence Standard 05-138 — Cyber Security for Defence Suppliers
1 source controls mapped|1 target controls covered
7%
ASD Information Security Manual (ISM)
1 source controls mapped|3 target controls covered
7%
BSI C5 — Cloud Computing Compliance Criteria Catalogue
1 source controls mapped|1 target controls covered
7%
South Korea ISMS-P
1 source controls mapped|2 target controls covered
7%
ASD Essential Eight Maturity Model
1 source controls mapped|3 target controls covered
7%
Japan FSA Cybersecurity Guidelines for Financial Institutions
1 source controls mapped|1 target controls covered
7%
ISO 27002:2022
1 source controls mapped|1 target controls covered
7%
CAIQ (CSA)
1 source controls mapped|1 target controls covered
7%
Bermuda Monetary Authority (BMA) Cyber Risk Management Code of Conduct
1 source controls mapped|2 target controls covered
7%
CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0
1 source controls mapped|2 target controls covered
7%
ISO/SAE 21434
1 source controls mapped|1 target controls covered
7%
C2M2
1 source controls mapped|3 target controls covered
7%
AWS Well-Architected Security Pillar
1 source controls mapped|1 target controls covered
7%
ISO 22317
1 source controls mapped|2 target controls covered
7%
ISO 27018
1 source controls mapped|1 target controls covered
7%
NIST SP 800-34 Rev 1 — Contingency Planning Guide
1 source controls mapped|3 target controls covered
7%
SSAE 18 SOC 1 — Report on Controls at a Service Organisation (ICFR)
1 source controls mapped|1 target controls covered
7%
ASIS SPC.1-2009 — Organizational Resilience Standard
1 source controls mapped|1 target controls covered
7%
ISO 22318
1 source controls mapped|2 target controls covered
7%
ISO 27001:2022
1 source controls mapped|1 target controls covered
7%
CFTC System Safeguards (17 CFR 37, 38, 39, 49)
1 source controls mapped|3 target controls covered
7%
HKMA SPM
1 source controls mapped|1 target controls covered
7%
DORA
1 source controls mapped|1 target controls covered
7%
MAS TRM
1 source controls mapped|1 target controls covered
7%
EBA Guidelines on ICT and Security Risk Management (EBA/GL/2019/04)
1 source controls mapped|2 target controls covered
7%
IACS Unified Requirements E26/E27 — Cyber Resilience of Ships and On-Board Systems
1 source controls mapped|2 target controls covered
7%
OWASP MASVS
1 source controls mapped|1 target controls covered
7%
ISO/IEC 27011:2024
1 source controls mapped|1 target controls covered
7%
EU Cyber Resilience Act
1 source controls mapped|1 target controls covered
7%
FFIEC IT Examination Handbook
1 source controls mapped|1 target controls covered
7%
ASIC Cyber Resilience Good Practices
1 source controls mapped|1 target controls covered
7%
NIST SP 800-171A — Assessing CUI Security Requirements
1 source controls mapped|2 target controls covered
7%
3GPP Security
1 source controls mapped|1 target controls covered
7%
ISO 22301
1 source controls mapped|2 target controls covered
7%
EU NIS2 Directive — Transport Sector Requirements
1 source controls mapped|1 target controls covered
7%
APRA CPS 230 Operational Risk Management
1 source controls mapped|1 target controls covered
7%
FTC GLBA Safeguards Rule (16 CFR Part 314)
1 source controls mapped|2 target controls covered
7%
Nevada Gaming Control Board Cybersecurity Requirements
1 source controls mapped|2 target controls covered
7%
Lloyd's Minimum Standards — Cyber Security
1 source controls mapped|2 target controls covered
7%
FTC Safeguards Rule (16 CFR Part 314)
1 source controls mapped|2 target controls covered
7%
BCBS 239
1 source controls mapped|1 target controls covered
7%
C5 (Germany)
1 source controls mapped|1 target controls covered
7%
ISO 27043
1 source controls mapped|1 target controls covered
7%
FAA Cybersecurity Framework for Aviation
1 source controls mapped|1 target controls covered
7%
GLBA
1 source controls mapped|1 target controls covered
7%
CSA CCM v4
1 source controls mapped|2 target controls covered
7%
DAMA-DMBOK2 — Data Management Body of Knowledge (2nd Edition)
1 source controls mapped|1 target controls covered
7%
FedRAMP Rev 5
1 source controls mapped|2 target controls covered
7%
HKMA Cyber Resilience Assessment Framework (C-RAF)
1 source controls mapped|1 target controls covered
7%
ETSI EN 303 645
1 source controls mapped|1 target controls covered
7%
California IoT Security Law
1 source controls mapped|1 target controls covered
7%
NIST SP 800-171A Rev 3 — Assessing CUI Security Requirements
1 source controls mapped|2 target controls covered
7%
ISPE GAMP 5 — A Risk-Based Approach to Compliant GxP Computerised Systems
1 source controls mapped|1 target controls covered
7%
ISO 27017
1 source controls mapped|1 target controls covered
7%
Azure Security Benchmark
1 source controls mapped|1 target controls covered
7%
TSA Pipeline Security
1 source controls mapped|3 target controls covered
7%
NIST SP 800-88
1 source controls mapped|1 target controls covered
7%
UNECE WP.29 R156
1 source controls mapped|1 target controls covered
7%
NIST SP 800-160
1 source controls mapped|1 target controls covered
7%
NIST SP 800-92
1 source controls mapped|1 target controls covered
7%
NIST Cybersecurity Framework 2.0
1 source controls mapped|3 target controls covered
7%
OpenSSF Scorecard
1 source controls mapped|1 target controls covered
7%
SIG (Shared Assessments)
1 source controls mapped|1 target controls covered
7%
US NRC 10 CFR 73.54 — Cyber Security for Nuclear Power Plants
1 source controls mapped|1 target controls covered
7%
UNECE WP.29 R155
1 source controls mapped|1 target controls covered
7%
NYDFS Cybersecurity Regulation (23 NYCRR Part 500)
1 source controls mapped|2 target controls covered
7%
NIS2 Directive Implementing Acts
1 source controls mapped|2 target controls covered
7%
PCI SSF
1 source controls mapped|1 target controls covered
7%
NAIC Insurance Data Security Model Law (MDL-668)
1 source controls mapped|2 target controls covered
7%
DISA Security Technical Implementation Guides (STIGs)
1 source controls mapped|1 target controls covered
7%
SSAE 18 — Attestation Standards (SOC Reporting)
1 source controls mapped|3 target controls covered
7%
SANS Incident Handler's Handbook and PICERL Methodology
1 source controls mapped|3 target controls covered
7%
Oman National Cybersecurity Framework
1 source controls mapped|1 target controls covered
7%
NIST SP 800-82 Rev 3 — Guide to OT Security
1 source controls mapped|2 target controls covered
7%
WCO Authorised Economic Operator (AEO) Framework
1 source controls mapped|1 target controls covered
7%
C-TPAT — Customs-Trade Partnership Against Terrorism
1 source controls mapped|1 target controls covered
7%
Defence Security Principles Framework (DSPF)
1 source controls mapped|1 target controls covered
7%
Protective Security Policy Framework (PSPF) Release 2024
1 source controls mapped|1 target controls covered
7%
SWIFT CSP
1 source controls mapped|1 target controls covered
7%
IAEA Nuclear Security Series — Computer Security at Nuclear Facilities (NSS-17-T Rev 1)
1 source controls mapped|1 target controls covered
7%
NIS2 Directive
1 source controls mapped|3 target controls covered
7%
NIST SP 800-128
1 source controls mapped|1 target controls covered
7%
OWASP SAMM
1 source controls mapped|1 target controls covered
7%
OSFI B-13
1 source controls mapped|1 target controls covered
7%
Colorado Privacy Act (CPA)
1 source controls mapped|1 target controls covered
7%
Washington My Health My Data Act (MHMD)
1 source controls mapped|1 target controls covered
7%
Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA)
1 source controls mapped|1 target controls covered
7%
Wisconsin Data Privacy Act (SB 670)
1 source controls mapped|1 target controls covered
7%
Tennessee Information Protection Act (TIPA)
1 source controls mapped|1 target controls covered
7%
Connecticut Data Privacy Act (CTDPA)
1 source controls mapped|1 target controls covered
7%
Florida Digital Bill of Rights (FDBR)
1 source controls mapped|1 target controls covered
7%
NERC CIP
1 source controls mapped|3 target controls covered
7%
SWIFT CSCF
1 source controls mapped|1 target controls covered
7%
NIST SP 1800-32
1 source controls mapped|3 target controls covered
7%
SOC 2
1 source controls mapped|2 target controls covered
7%
NIST SP 800-137
1 source controls mapped|1 target controls covered
7%
NIST SP 800-183
1 source controls mapped|1 target controls covered
7%
NIST SP 800-115
1 source controls mapped|1 target controls covered
7%
NIST SP 800-123
1 source controls mapped|1 target controls covered
7%
PCI P2PE
1 source controls mapped|1 target controls covered
7%
UK Security and Emergency Measures Direction (SEMD) — Water Industry
1 source controls mapped|1 target controls covered
7%
NIST SP 800-146
1 source controls mapped|1 target controls covered
7%
TSA Pipeline Cybersecurity Directives
1 source controls mapped|1 target controls covered
7%
ECB TIBER-EU
1 source controls mapped|1 target controls covered
7%
NIST SP 800-181
1 source controls mapped|1 target controls covered
7%
NIST SP 800-61
1 source controls mapped|1 target controls covered
7%
NIST SP 800-150
1 source controls mapped|1 target controls covered
7%
NIST Privacy Framework 1.0
1 source controls mapped|3 target controls covered
7%
UK Gambling Commission — Cyber Resilience Requirements
1 source controls mapped|1 target controls covered
7%
NIST SP 800-161
1 source controls mapped|1 target controls covered
7%
SOC for Cybersecurity — Cybersecurity Risk Management Examination
1 source controls mapped|1 target controls covered
7%
NIST SP 800-190
1 source controls mapped|1 target controls covered
7%
Open Banking Security
1 source controls mapped|1 target controls covered
7%
NIST SP 800-63
1 source controls mapped|1 target controls covered
7%
SLSA
1 source controls mapped|1 target controls covered
7%
TISAX — Trusted Information Security Assessment Exchange
1 source controls mapped|1 target controls covered
7%
NIST SP 800-53 Rev 5
1 source controls mapped|2 target controls covered
7%
NIST SP 800-207
1 source controls mapped|1 target controls covered
7%
PCI PIN Security
1 source controls mapped|1 target controls covered
7%
NIST SP 800-218
1 source controls mapped|1 target controls covered
7%
SSDF (NIST)
1 source controls mapped|1 target controls covered
7%
AICPA SOC 1
1 source controls mapped|1 target controls covered
7%
PSD2 SCA
1 source controls mapped|1 target controls covered
7%
NIST SP 800-187
1 source controls mapped|1 target controls covered
7%
AICPA SOC 3
1 source controls mapped|1 target controls covered
7%
TNFD Recommendations
1 source controls mapped|1 target controls covered
7%
NIST SP 800-144
1 source controls mapped|1 target controls covered
7%
NIST SP 800-145
1 source controls mapped|1 target controls covered
7%
NFPA 1600 — Standard on Continuity, Emergency, and Crisis Management
1 source controls mapped|2 target controls covered
7%
PTES
1 source controls mapped|1 target controls covered
7%
UK PSTI Act
1 source controls mapped|1 target controls covered
7%
Frequently Asked Questions
What is NABERS — National Australian Built Environment Rating System?
NABERS — National Australian Built Environment Rating System is a compliance framework from Australia with 5 domains and 15 controls. NABERS (National Australian Built Environment Rating System) is an Australian Government initiative that measures the environmental performance of buildings, tenancies, and homes. Ratings cover energy, water, waste, and indoor environment on a 1-6 star scale. NABERS Energy ratings are mandatory for commercial office buildings over 1,000m2 in Australia under the Commercial Building Disclosure (CBD) programme. Over 80% of Australian office space is NABERS rated. Managed by the NSW Department of Climate Change, Energy, the Environment and Water. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does NABERS — National Australian Built Environment Rating System have?
NABERS — National Australian Built Environment Rating System has 15 controls organised across 5 domains. The largest domains are Building Types (4 controls), Indoor Environment Quality (4 controls), Energy Rating (3 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does NABERS — National Australian Built Environment Rating System map to?
NABERS — National Australian Built Environment Rating System maps to 175 other compliance frameworks. The top mapping partners are EU Taxonomy Regulation (Regulation 2020/852) (27% coverage), EU Taxonomy Regulation (27% coverage), ISO 56002 (20% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with NABERS — National Australian Built Environment Rating System compliance?
Start your NABERS — National Australian Built Environment Rating System compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about NABERS — National Australian Built Environment Rating System requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 15 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 692 frameworks.
Get Started Free →Free forever — no credit card required