IT Governance

Ready-to-use industry IT standards, frameworks, and best practices.

Get your content suite now

Contact us now for a no obligation review of how content suites can accelerate your ACL experience

Designed for IT audit, risk, and compliance professionals.

Compliance with multiple IT standards, regulatory requirements, and internal policies can be daunting. But it doesn’t have to be—automate your IT risk and compliance program using ACL's growing, evergreen collection of regulatory and compliance content. Increase assurance over IT general controls, data privacy, and cybersecurity using our integrated content to monitor compliance programs by mapping IT regulations and standards against common control frameworks. Pre-built analytics help you quickly determine high-risk activities related to unauthorized access. ACL makes it easy for you to minimize risk exposure and collaborate with your front line.

Included in the Content For IT Governance

Browse by toolkit

A toolkit is a curated set of tools aimed at addressing one area of risk or compliance.

For example, a toolkit might include a set of data analytics, a risk control framework, and a best practices program.

General IT Compliance Toolkit

Reduce the compliance burden and effort for the most common IT standards and regulations. Jump start your compliance programs with easy-to-implement tools for demonstrating coverage. Our ready-built tools for IT content includes key regulations, standards, and risk and control matrices.

  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for the AICPA Trust Services Criteria 2016 (SOC 2®).
  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for the AICPA Trust Services Criteria 2017 (SOC 2®).
  • Last updated July 18, 2018

    Risk & Control Framework: ready-to-use risk and control guidance for the CSA Cloud Controls Matrix (Version 3.0.1) 2016 .
  • Analysis App: pre-built scripts that you can use out-of-the-box to quickly analyze your data to help manage unauthorized access risks.
  • Last updated October 15, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for PCI DSS Version 3.2.
  • Last updated November 14, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for PCI DSS Version 3.2.1.

NIST Toolkit

Establish a strong cybersecurity posture by adopting the universally applied NIST cybersecurity framework and security controls. Confidently manage risks and implement mitigating controls to increase assurance over your cybersecurity programs.

  • Last updated August 22, 2018

    Compliance Map and Risk & Control Framework: built-in NIST Cybersecurity (Version 1.0) 2014 compliance requirements and corresponding risk and control guidance.
  • Last updated August 22, 2018

    Compliance Map and Risk & Control Framework: built-in NIST Cybersecurity (Version 1.1) compliance requirements and corresponding risk and control guidance.
  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for NIST SP 800-53 Privacy Controls (Revision 4).
  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for NIST SP 800-53 Program Management Controls (Revision 4).
  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for NIST SP 800-53 Security Controls (Revision 4) / FedRAMP 2016.01.

ISO 2700X Toolkit

Incorporate information security management best practices to cover the risks related to privacy, confidentiality, and technical cybersecurity issues.

  • Last updated October 23, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for ISO/IEC 27001:2013 (US, Canada, & UK Only) .
  • Last updated October 23, 2018

    The ISO/IEC 27002:2013 Information Technology Framework includes the controls and activities for IT and audit professionals to assess their organization's progress towards implementing the framework.
  • Last updated October 23, 2018

    Compliance Map and Risk & Control Framework: built-in ISO/IEC 27002:2013 compliance requirements and corresponding risk and control guidance (US, Canada, & UK Only).

HIPAA Compliance Toolkit

Reduce the risks of a HIPAA violation by ensuring appropriate security requirements and control measures are established to protect the privacy and security of all protected health information.

  • Risk Library: a curated library of key risks specific to Healthcare that you can import directly into your Risk Profile.
  • Last updated October 31, 2017

    Compliance Map: embedded content to simplify management of compliance obligations for HIPAA Omnibus Final Rule 2013.
  • Last updated February 8, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for NIST SP 800-66 Implementing HIPAA Security Rule Revision 1.

Data Privacy Toolkit

Reduce compliance efforts for existing and emerging data privacy regulations by leveraging ready-to-use universal standards that provide an excellent starting point regardless of your industry and geography.

Want to learn more about ACL's compliance with GDPR? Click here.

  • Last updated October 9, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for the EU General Data Protection Regulation (GDPR) 2016.
  • Last updated July 18, 2018

    Risk & Control Framework: ready-to-use risk and control guidance for the ISACA Data Protection Impact Assessment 2017 to assist your organization in implementing effective controls for GDPR and emerging data privacy laws.
  • Last updated July 18, 2018

    Compliance Map: embedded content to simplify management of compliance obligations for ISACA Privacy Principles 2016.

Not what you were looking for? Explore more content suites

Banking & Lending

  • AML/ATF Compliance Toolkit
  • EFT Risk Toolkit
  • Banking Op Risk Toolkit
  • And more

Governments & Higher Education

  • Improper Payments Toolkit
  • Yellow Book (GAGAS) Toolkit
  • Grants Management Toolkit
  • And more

Financial Control Monitoring

  • Accounts Payable Toolkit
  • Vendor Management Toolkit
  • Human Resources Management Toolkit
  • And more

Subscription Value

  • GRC Subscription Value Toolkit
  • Analytics Subscription Value Toolkit
  • And more