TheArtOfService
Back to Frameworks

UN Guiding Principles on Business and Human Rights (UNGPs)

Self-Assess
International (United Nations)
v2011
4 domains
4 controls

The United Nations Guiding Principles on Business and Human Rights (UNGPs), unanimously endorsed by the UN Human Rights Council in 2011, establish the authoritative global standard for preventing and addressing human rights impacts linked to business activity. The UNGPs rest on three pillars: the State duty to protect human rights, the corporate responsibility to respect human rights, and access to remedy. The corporate responsibility pillar requires human rights due diligence - a process to identify, prevent, mitigate, and account for adverse human rights impacts. The UNGPs inform mandatory human rights due diligence legislation globally (EU CSDDD, German LkSG, French Loi de Vigilance).

Verified

Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.

Framework Domains (4)

Protect

1 controls
Controls in the Protect domain of UN Guiding Principles on Business and Human Rights (UNGPs)1 controls
CodeTitle
UNGPBHR-1Pillar I: State Duty to Protect Human Rights

Remedy

1 controls
Controls in the Remedy domain of UN Guiding Principles on Business and Human Rights (UNGPs)1 controls
CodeTitle
UNGPBHR-3Pillar III: Access to Remedy

Reporting

1 controls
Controls in the Reporting domain of UN Guiding Principles on Business and Human Rights (UNGPs)1 controls
CodeTitle
UNGPBHR-4Reporting and Communication

Respect

1 controls
Controls in the Respect domain of UN Guiding Principles on Business and Human Rights (UNGPs)1 controls
CodeTitle
UNGPBHR-2Pillar II: Corporate Responsibility to Respect Human Rights

Your Compliance Coverage

If you comply with UN Guiding Principles on Business and Human Rights (UNGPs), you already cover:

OECD Recommendation on Artificial Intelligence (2024 Update)

25%

1 controls mapped

Compare →

US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule

25%

1 controls mapped

Compare →

ISO/IEC 29147:2018

25%

1 controls mapped

Compare →

+ 49 more: ISO/IEC 27011:2024 (25%), NIST AI Risk Management Framework (AI RMF 1.0) (25%)

See all 52 mapped frameworks ↓

Maps to 52 other frameworks

4 total controls
OECD Recommendation on Artificial Intelligence (2024 Update)
1 source controls mapped|2 target controls covered
25%
US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule
1 source controls mapped|1 target controls covered
25%
ISO/IEC 29147:2018
1 source controls mapped|4 target controls covered
25%
ISO/IEC 27011:2024
1 source controls mapped|1 target controls covered
25%
NIST AI Risk Management Framework (AI RMF 1.0)
1 source controls mapped|1 target controls covered
25%
Azure Security Benchmark
1 source controls mapped|1 target controls covered
25%
BSI IT-Grundschutz
1 source controls mapped|1 target controls covered
25%
ISO/IEC 29134:2023
1 source controls mapped|1 target controls covered
25%
NIST SP 800-171A - Assessing Security Requirements for Controlled Unclassified Information (CUI)
1 source controls mapped|2 target controls covered
25%
ISO/IEC 30111:2019
1 source controls mapped|3 target controls covered
25%
FFIEC Cybersecurity Assessment Tool (CAT)
1 source controls mapped|1 target controls covered
25%
CISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0
1 source controls mapped|1 target controls covered
25%
APRA CPS 230 Operational Risk Management
1 source controls mapped|1 target controls covered
25%
FTC GLBA Safeguards Rule (16 CFR Part 314)
1 source controls mapped|1 target controls covered
25%
ISMAP (Japan)
1 source controls mapped|1 target controls covered
25%
Japan FSA Cybersecurity Guidelines for Financial Institutions
1 source controls mapped|1 target controls covered
25%
MITRE ATT&CK
1 source controls mapped|1 target controls covered
25%
Modern Slavery Act 2018 (Australia)
1 source controls mapped|1 target controls covered
25%
MTCS (Singapore)
1 source controls mapped|1 target controls covered
25%
Nevada Gaming Control Board Cybersecurity Requirements
1 source controls mapped|1 target controls covered
25%
New Zealand Information Security Manual (NZISM)
1 source controls mapped|1 target controls covered
25%
NIS2 Directive Implementing Acts
1 source controls mapped|1 target controls covered
25%
NIST Privacy Framework
1 source controls mapped|1 target controls covered
25%
NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)
1 source controls mapped|1 target controls covered
25%
NIST SP 800-123
1 source controls mapped|1 target controls covered
25%
NIST SP 800-137
1 source controls mapped|1 target controls covered
25%
NIST SP 800-144
1 source controls mapped|1 target controls covered
25%
NIST SP 800-145
1 source controls mapped|1 target controls covered
25%
NIST SP 800-146
1 source controls mapped|1 target controls covered
25%
NIST SP 800-61
1 source controls mapped|1 target controls covered
25%
NIST SP 800-63-4
1 source controls mapped|1 target controls covered
25%
NIST SP 800-88
1 source controls mapped|1 target controls covered
25%
NIST SP 800-92
1 source controls mapped|1 target controls covered
25%
NRF Cybersecurity and Data Privacy Framework (National Retail Federation)
1 source controls mapped|1 target controls covered
25%
OECD Guidelines for Multinational Enterprises on Responsible Business Conduct (2023 Update)
1 source controls mapped|2 target controls covered
25%
OECD AI Principles
1 source controls mapped|1 target controls covered
25%
ILO Declaration on Fundamental Principles and Rights at Work (Core Conventions)
1 source controls mapped|2 target controls covered
25%
ICMM Mining Principles (2024 Update)
1 source controls mapped|1 target controls covered
25%
German Supply Chain Due Diligence Act (LkSG)
1 source controls mapped|3 target controls covered
25%
AWS Well-Architected Security Pillar
1 source controls mapped|1 target controls covered
25%
UK FCA/PRA Operational Resilience Framework
1 source controls mapped|1 target controls covered
25%
TSA Pipeline Cybersecurity Directives
1 source controls mapped|1 target controls covered
25%
SLSA
1 source controls mapped|1 target controls covered
25%
SIG (Shared Assessments)
1 source controls mapped|1 target controls covered
25%
Secure by Design: A Guide for Manufacturers (CISA)
1 source controls mapped|2 target controls covered
25%
SA8000:2014 - Social Accountability Standard
1 source controls mapped|1 target controls covered
25%
PTES
1 source controls mapped|1 target controls covered
25%
PAS 1192-5:2015 - Security-Minded Approach to BIM and Digital Built Environments
1 source controls mapped|1 target controls covered
25%
OWASP SAMM
1 source controls mapped|1 target controls covered
25%
OWASP MASVS
1 source controls mapped|1 target controls covered
25%
OpenSSF Scorecard
1 source controls mapped|1 target controls covered
25%
O-RAN WG11 Security Specification
1 source controls mapped|1 target controls covered
25%
Compare UN Guiding Principles on Business and Human Rights (UNGPs) with OECD Recommendation on Artificial Intelligence (2024 Update)

Frequently Asked Questions

What is UN Guiding Principles on Business and Human Rights (UNGPs)?

UN Guiding Principles on Business and Human Rights (UNGPs) is a compliance framework from International (United Nations) with 4 domains and 4 controls. The United Nations Guiding Principles on Business and Human Rights (UNGPs), unanimously endorsed by the UN Human Rights Council in 2011, establish the authoritative global standard for preventing and addressing human rights impacts linked to business activity. The UNGPs rest on three pillars: the State duty to protect human rights, the corporate responsibility to respect human rights, and access to remedy. The corporate responsibility pillar requires human rights due diligence - a process to identify, prevent, mitigate, and account for adverse human rights impacts. The UNGPs inform mandatory human rights due diligence legislation globally (EU CSDDD, German LkSG, French Loi de Vigilance). It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.

How many controls does UN Guiding Principles on Business and Human Rights (UNGPs) have?

UN Guiding Principles on Business and Human Rights (UNGPs) has 4 controls organised across 4 domains. The largest domains are Protect (1 controls), Remedy (1 controls), Reporting (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.

What frameworks does UN Guiding Principles on Business and Human Rights (UNGPs) map to?

UN Guiding Principles on Business and Human Rights (UNGPs) maps to 52 other compliance frameworks. The top mapping partners are OECD Recommendation on Artificial Intelligence (2024 Update) (25% coverage), US Gramm-Leach-Bliley Act (GLBA) - Higher Education Safeguards Rule (25% coverage), ISO/IEC 29147:2018 (25% coverage). Use our comparison tool to explore control-level mappings between frameworks.

How do I get started with UN Guiding Principles on Business and Human Rights (UNGPs) compliance?

Start your UN Guiding Principles on Business and Human Rights (UNGPs) compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about UN Guiding Principles on Business and Human Rights (UNGPs) requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 4 controls and track your progress.

Start Your Compliance Journey

Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.

Get Started Free →

Free forever — no credit card required