Reference

Framework Explorer

Browse Australian compliance and security frameworks. Every control is individually indexed, searchable, and cross-referenced for practitioners navigating compliance requirements.

Featured Tool

ControlLink - Cross-Framework Mapping

Explore how controls map between 9 frameworks with our interactive mapping tool. Visualise relationships, find equivalent controls, and understand cross-framework coverage.

Explore Mappings

AESCSF

2.0

Maturity model for Australian energy sector organisations published by AEMO.

354 practices2,766 mappings
Explore →

SP 800-53

5.2.0

Comprehensive security and privacy controls for information systems published by NIST.

1,196 controls4,920 mappings
Explore →

ATTACK

v18.1

Adversary behaviour knowledge base published by The MITRE Corporation for enterprise environments.

691 techniques4,920 mappings
Explore →

NIST CSF

1.0.0

High-level cybersecurity outcomes framework published by NIST.

185 subcategories594 mappings
Explore →

ISO 27001

2022

International standard for information security management systems, providing a systematic approach to managing sensitive company information.

115 controls2,730 mappings
Explore →

CIS Controls

8.1

Prioritised set of safeguards published by the Center for Internet Security.

150 safeguards60 mappings
Explore →

C2M2

2.1

Maturity model published by the US Department of Energy for critical infrastructure.

356 practices296 mappings
Explore →

ATTACK ICS

v18.1

Adversary behaviour knowledge base published by The MITRE Corporation for industrial control systems.

83 techniques0 mappings
Explore →

ISM

2025.12.9

Controls published by the Australian Signals Directorate (ASD) for Australian government systems.

1,107 controls2,488 mappings
Explore →