The Frameworks and Regulations included in the PolicyCo platform contain all of the baseline external controls/regulatory requirements for your organization to remain in compliance. Each external control/regulatory requirement has a complete description.
โ
By default, PolicyCo will associate the labels in the platform as a Framework(s) and Controls. However, these label is dynamic and Framework(s) can be updated to Regulation(s) and Control(s) can be updated to Regulatory Requirements in the Settings to meet industry terminology standards.
โ
Frameworks and Regulations currently include:
23 NYCRR PART 500
25 USC
42 CFR 438
42 CFR 455
42 CFR PART 2
ACER RRM v2021
ADA
AK COLLECTION AGENCY v2022
AL CCA MINI CODE v2009
ALTA REG 143/1996
AMF RULE 91-507
AMPTA REG D
ASBCA RULE v2021
ASIC v2013
ASIC REPORTING v2013
AZ COLLECTION AGENCY
AZ LABOR CODE
BSA/AML
C5 v2020
CA 27 CCR
CA LABOR CODE
CA-BPC
CA-DPR
CA-HSC
CACFP
CAIQ v4.0.2
CAL/OSHA
CALIFORNIA DCC
CAN-SPAM
CARF ASPIRE v2022
CARF BEHAVIORAL HEALTH v2022
CARF EMPLOYMENT AND COMMUNITY v2022
CCO OREGON MEDICAID CONTRACT
CFTC RECORDS
CFTC RULE
CIS v8
CMMC v1.02
CO INDUSTRIAL HEMP
E-SIGN ACT
ECOA REG B
EEOC
EFTA REG E
ESMA v2020
FCRA REG V
FDCPA REG F
FERPA
FL LABOR STATUTES
FLSA
FMLA
GDPR v2016
GLBA
GLBA REG P
GOLETA-BLO
HHS OIG
HIPAA v2013
HITRUST v9.1, 9.2, 9.3, 9.4, 9.5.1, 9.6.2
HMDA REG C
ICA 1940
ISO 17025 v2017
ISO 22301 v2019-10
ISO 27001 v2013
ISO 27002 v2013, 2022
ISO 27108 v2019-01
MAS FORM v2013
MI CP 96-101
MI RULE 96-101
MLA
NAEYC v2022
NCQA CVO v2022
NH MANDATED REPORTER
NIST CSF v1.1
NIST SP 800-53 v5
OAR 309
OAR 410
OFAC
ORS 413
ORS 414
OSC CP 91-507
OSC RULE 91-507
OSHA
PCI DSS v3.2.1
PIPEDA
REG U NO 1227/2011 v2022
REG EU NO 1348/2014 v2014
REG S-T
REG SBSR
REG SCI
RESPA REG X
RFPA
SAFE REG G AND REG H
SBC WEIGHTS AND MEASURES
SBC-APCD
SBC-BLO
SBC-CZO
SCRA
SEC 85 FR 6270 v2020
SEC FORMS
SEC REG 17 CFR
SFA 2001 PART 2A v2001
SOC2 v2017
SQF ANIMAL PRODUCT MANUFACTURING v9
SQF FOOD MANUFACTURING v9
SQF PACKAGING MANUFACTURING v9
SQF QUALITY v9
SSA 1905
SSA 1927
TILA REG Z
TIS REG DD
TX LABOR CODE
UDAAP US BANKRUPTCY CODE
USDA ORGANIC
VT MANDATED REPORTER
WATERBOARD v2019
In general, the best practice is to choose the latest version, but it's best to talk with your assessor to be certain. PolicyCo supports adjusting your Framework version without losing any of the work you have done to link to articles so long as there are no meaningful changes in that external control from one version of the Framework to another.
To Add External Controls or Regulatory Requirements:
PolicyCo allows you to add the external controls that are in scope individually, allowing you to remain focused on what matters to your organization.
Click Settings
Click Frameworks (or Regulations if you have adjusted your Profile labels)
Choose the Framework or Regulation
Check the external controls that are in scope
You can choose to add all, but choose this with care, as if you have already carefully chosen controls, you cannot reverse this action to the previous state.
You can choose to use the filter options to narrow down the controls to help find what is most relevant
To Remove External Controls or Regulatory Requirements:
PolicyCo allows to to remove an external control, even if it has been linked to an article. If an external control has been linked to an article, and is removed, PolicyCo will remember this association and if the external control is added back in or updated to the same in a new version of the Framework, the association will remain to prevent extra efforts to re-link.
Click Settings
Click Frameworks (or Regulations if you have adjusted your Profile labels)
Choose the Framework or Regulation
Uncheck the external controls that are no longer in scope
You can choose to remove all, but choose this with care, as if you have already carefully chosen controls, you cannot reverse this action to the previous state.
You can choose to use the filter options to narrow down the controls to help find what is most relevant