Regulations & Compliance Mapping
Browse 57 regulatory frameworks including SOC 2, ISO 27001, GDPR, and HIPAA. Map governance statements to specific requirements and track compliance coverage.
The Compliance Challenge
Most organizations need to comply with multiple regulations simultaneously. Tracking which statements satisfy which requirements — across dozens of frameworks — quickly becomes unmanageable in spreadsheets. Dictiva maps your governance statements to specific regulatory requirements, so you can see your compliance posture at a glance.
Supported Frameworks
Dictiva includes 57 regulatory frameworks spanning industry standards, privacy laws, and security certifications:
| Category | Examples |
|---|---|
| Security | SOC 2, ISO 27001, NIST CSF, CIS Controls |
| Privacy | GDPR, CCPA/CPRA, LGPD, POPIA |
| Industry | HIPAA, PCI DSS, GLBA, NERC CIP |
| Risk & Governance | COSO, ISO 31000, COBIT |
| AI & Emerging | EU AI Act, NIST AI RMF |
Navigate to Regulations in the sidebar to browse the full list.
Browsing Regulations
Each regulation is broken down into its constituent requirements — the specific obligations your organization must meet. For example, GDPR is decomposed into individual articles and sub-requirements.
When viewing a regulation, you can see:
- Requirement text — The specific obligation
- Article/section reference — Where it appears in the regulation
- Mapped statements — Which of your governance statements address this requirement
- Coverage status — Whether the requirement is fully mapped, partially mapped, or unmapped
Statement-to-Requirement Mappings
Mappings connect your governance statements to regulatory requirements. Each mapping has a confidence level:
| Confidence | Meaning |
|---|---|
| Direct | The statement directly satisfies the requirement |
| Partial | The statement partially addresses the requirement |
| Related | The statement is conceptually related to the requirement but doesn't fully satisfy it |
How Mappings Are Created
Mappings come from two sources:
- Library mappings — When you adopt a statement from the library, its regulatory mappings are preserved automatically
- Manual mappings — You can create your own mappings between tenant statements and any requirement
Coverage Analysis
The compliance coverage view shows your mapping completeness per regulation:
- Fully mapped — Every requirement has at least one direct statement mapping
- Partially mapped — Some requirements are mapped, others are not
- Unmapped — No statement mappings exist for this regulation
This view helps you identify gaps in your governance program and prioritize which statements to write or adopt next.
Working with Regulations
A practical workflow for achieving compliance coverage:
- Select the regulations relevant to your organization
- Review unmapped requirements to identify gaps
- Browse the library for statements that already have mappings
- Adopt library statements to instantly close gaps
- Write custom statements for requirements unique to your context
- Review coverage periodically to track progress
Next Steps
- Use the library to adopt statements with pre-built regulatory mappings
- Understand domains to organize your compliance program by governance area
- Build assemblies to group mapped statements into formal policy documents