Compliance Standards

Xacta® supports a wide range of security compliance standards and policies.

  • DoD
    • RMF for DoD IT (DoDI 8510.01)
    • DIACAP to DoD RMF transition support
    • NISCAP
    • Vulnerability Alerts (IAVA, TCNO, others)
  • Cloud/FedRAMP
    • FedRAMP Baseline Security Controls
    • DoD Cloud Computing SRG
  • Civilian
    • USGCB/SCAP
    • DHS 4300A/B
    • FIPS 199
    • MARS-E
    • NIST 800-37 (Risk Management Framework)
    • NIST 800-53/53A (Security Controls for Federal IS)
    • NIST 800-60 (Guide for Mapping Information Systems to Security Categories)
    • NIST Cybersecurity Framework (CSF)
    • NIACAP
    • IRS 1075
  • Intelligence Standards
    • CNSS 1253
    • DCID 6/3 to CNSS transition support
    • DoD Joint Security Implementation Guide (JSIG)
  • FISMA Reporting
    • Quarterly and Annual Remediation Reports (POA&M)
    • NIST 800-18 (Guide for Developing IT System Security Plans)
    • NIST 800-26 (Self-Assessment Questionnaire)
  • Industry and International
    • 12 CFR Part 30
    • California SB 1386
    • Canadian Protected B
    • CCE/CPE/CVE/CVSS/OVAL/XCCDF
    • Common Criteria (selected protection profiles)
    • Gramm-Leach-Bliley Act (GLBA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • ISO 27001/27002*
    • Microsoft Security Bulletins
    • North American Electric Reliability Corporation (NERC)
    • NCUA Part 748
    • NIST SP 800-171 (Protecting CUI in Nonfederal Systems and Organizations)
    • Payment Card Industry Data Security Standard (PCI/DSS)
    • Visa Cardholder Information Security Program

    *Copyrighted material. An additional fee may be required.

  • Agency Security Requirements
    • Army
    • Air Force
    • Navy
    • DISA (selected STIGs)
    • Dept. of Education*
    • Dept. of Homeland Security
    • Dept. of Justice
    • Dept. of State
    • Dept. of Transportation (FAA)
    • Dept. of Treasury (IRS)
    • Dept. of Veterans Affairs

    *Agency permission for access required

On-Demand Webinar

Combatting Audit Fatigue in IT Risk Management

This webinar focuses on issues that arise from having to support multiple compliance regimes and examines ways to harmonize standards that require varying levels of evidence and fidelity. Presented by Steve Horvath, Vice President of Strategy and Cloud for Telos Corporation, and AJ Turcot, Enterprise Account Executive for Telos Corporation, this on-demand webinar offers actionable strategies for combatting IT audit fatigue.
