Compliance Frameworks
GovernLayer includes 14 compliance frameworks out of the box, each with mapped controls, evidence requirements, and automated readiness scoring. New frameworks are added quarterly.
Supported frameworks
| Code | Name | Controls | Category |
|---|---|---|---|
SOC2 | SOC 2 Type II | 24 | Security |
GDPR | General Data Protection Regulation | 18 | Privacy |
EU_AI_ACT | EU AI Act | 22 | AI Governance |
ISO27001 | ISO/IEC 27001:2022 | 28 | Security |
HIPAA | HIPAA | 20 | Healthcare |
NIST_AI_RMF | NIST AI Risk Management Framework | 16 | AI Governance |
NIST_CSF | NIST Cybersecurity Framework | 23 | Security |
ISO42001 | ISO/IEC 42001:2023 | 19 | AI Governance |
PCI_DSS | PCI DSS v4.0 | 25 | Financial |
CCPA | California Consumer Privacy Act | 12 | Privacy |
NIS2 | NIS2 Directive | 15 | Security |
DORA | Digital Operational Resilience Act | 17 | Financial |
DSA | Digital Services Act | 14 | Platform |
DMA | Digital Markets Act | 11 | Platform |
GET/v1/frameworks
List frameworks
Retrieve all supported compliance frameworks with their metadata.
Request
GET
/v1/frameworkscurl https://api.governlayer.ai/v1/frameworks \
-H "X-API-Key: gl_your_api_key_here"
Example response
{
"data": [
{
"code": "SOC2",
"name": "SOC 2 Type II",
"controls_count": 24,
"category": "security"
},
{
"code": "GDPR",
"name": "General Data Protection Regulation",
"controls_count": 18,
"category": "privacy"
},
{
"code": "EU_AI_ACT",
"name": "EU AI Act",
"controls_count": 22,
"category": "ai_governance"
}
]
}