Narrow in with Custom Frameworks

Achieve any compliance goals with our custom frameworks to suit any requirements

soc2-explained-video-cover
SOC 2 STANDARD

Is this the year you grow with SOC 2?

There’s no better standard to baseline your information security and earn trust with a broad customer base.

AssuranceLab is a registered CPA and CA firm ready to help you earn trust with SOC 2 in the US and globally.

We provide end-to-end readiness and audit services, with a cloud-native and agile approach that enables you to work at your own pace.

alab-network-countries-and-employees

You’re in great company. We work with hundreds of fast-growing software companies across 13 countries, ranging in size from 2 to 26,000 employees.

alab-network-countries-and-employees-1

You’re in great company. We work with hundreds of fast-growing software companies across 20+ countries, ranging in size from 2 to 26,000+ employees.

CUSTOM FRAMEWORKS

Do you have specific

compliance goals?

Pillar's sophisticated data model allows us to build custom frameworks quickly to suit any requirements

AssuranceLab has built dozens of frameworks ready to help you earn and maintain trust with your customers globally.

Whether you want to satisfy specific regulations, bespoke customer requirements, or any other nuanced compliance goals, we can build and deploy custom frameworks in Pillar and Drata to demonstrate your compliance and enable continuous monitoring.

alab-soc2-image
Workvivo-logo
Sine-logo
Plexure-logo
salestrekker-logo
Nano-logo
Livepro-logo
Livehire-logo
Inlogik-logo
Humanforce-logo
Fusion-suport-logo
HotDoc-logo
Fileinvite-logo
Data-zoo-logo
Enboarder-logo
Dropsuite-logo
Checkbox-logo
Bravura-solutions-logo
Atlan-logo
rockt-logo

THE PROCESS

Four Steps to Custom Frameworks

left arrow right arrow
alab-choice-of-goalposts-icon

Requirement Gathering

Let us know what regulation, standard or other specific requirements you have and what you need to do with it. We'll assess those requirements to provide a quote on building the custom framework(s) for you. We do that in a way that's compatible with our audits, and the Pillar and Drata platforms, so you can demonstrate your compliance and continue to monitor it.

alab-multi-standard-compliance-icon

Framework Build

We will build the framework by translating the standard, regulation or specific requirements into a digital form and mapping the relevant controls to satisfy those requirements.

Deploy

Deploy

We implement the framework in Pillar, Drata or another agreed method so that you can live track your controls, any applicable audits, and other information against the requirements of the framework.

alab-customer-confort-and-trust-icon

Audits

We can conduct audits that provide trust-building verification of your compliance with the custom framework. This can include an attestation report that demonstrates your compliance to customers and other stakeholders with detail on how you meet those specific requirements.

Ready to get started on your compliance journey?

FAQ

Your questions answered

What qualifies for a custom framework?

We can really build anything as a custom framework. Obviously it should be driven by a specific purpose or compliance goal that you have. That might be satisfying a specific customers' requirements, a regulation that we don't already cover in our audits, or even just for internal risk or operating control purposes. We just need a clear view of what is or should be part of that framework in order to build it in a digital form with the right corresponding controls.

What can we do with a custom framework?

In most cases, you'll use the custom framework to show stakeholders how you meet that framework. For example, if your customer has specific requirements for you to adhere to, we can build that custom framework and map your actual business activities (controls) to it to demonstrate how you meet those requirements. That may be just showing that mapping and your monitoring of those controls, or you may conduct an audit to verify your compliance and provide a report to your stakeholders to prove your compliance with that independent validation. 

Are these frameworks compatible with compliance platforms?

Yes. If you use Drata that allows custom frameworks, we can provide it in a format to import there for continuous monitoring of your compliance with the framework.

What custom frameworks have been built before?

For other clients previously, we have built:

  • The Commonwealth Bank of Australia's Tier 1 vendor governance requirements;
  • The Australian and New Zealand Privacy Principles
  • Essential 8
  • APRA's CPS 234
  • CDR Representatives to suit the specific requirements of our CDR Principle partners

OTHER STANDARDS

Earn trust with other leading standards

alab-blended-audits-icon

Blended Audits

Combine two or more compliance frameworks into a single blended audit process without duplication to scale trust, not costs and effort.

alab-hipaa-icon

HIPAA

The de facto global and best practice standard for proving secure handling of electronic protected health information (ePHI).

alab-custom-framework-icon

Custom Frameworks

Manage any compliance obligations from customers, regulators or your own internal risk requirements with custom frameworks.

alab-iso-27001-icon

ISO 27001

An international framework to apply a structured and best practice methodology for managing information security.

alab-csa-star-icon

CSA Star

A comprehensive, best practice standard for cloud security to achieve Level Two accreditation in the security, trust and risk (STAR) register.

alab-cdr-icon

Consumer Data Right

Access consumer data in Australia’s economy-wide open data regime with Consumer Data Right accreditation.

alab-esg-icon

ESG Reporting

A flexible and lightweight framework to report up to 500+ positive impact activities supporting environmental, social and governance (ESG) objectives.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

alab-soc1-sox-itgc-icon

SOC 2

Trust services criteria to satisfy a broad customer base globally for security, availability, confidentiality, privacy and processing integrity.

alab-gdpr-icon

GDPR

The global gold-standard for privacy. GDPR is regulated for personal data collected from EU citizens, and an effective framework to satisfy enterprise customers globally.

GET IN CONTACT

Get started your way

We’re ready when you are

Can’t wait?

Our free products help you get started without any fuss:

pillar-tab-button-normal

The always-free GRC platform that powers trust for hundreds of technology companies.

policytree-tab-button-normal (1)

Our 40-minute policy generator; a better alternative to cookie-cutter templates.