Which frameworks can I run end-to-end in Audora today?

SOC 1 and SOC 2 are fully supported end-to-end in Audora today. SOC 3 is coming soon. ISO 27001, HIPAA, PCI DSS, and HITRUST are available as free auditor-curated planning guides with scope, timelines, and cost ranges.

Why are some frameworks listed as guides rather than supported in Audora?

Audora's roadmap is driven by what auditors need most. Frameworks not yet supported end-to-end are provided as free reference guides to help teams plan and compare requirements. If a specific framework is a priority for your practice, contact us and we will make it our immediate focus to build it out.

Audora Frameworks | All Audit Frameworks in One Place

All Frameworks, One Auditor‑First Hub

Compare major audit frameworks side by side from scope, effort, timelines, and cost. Supported in Audora Today frameworks run end-to-end in the platform. Framework Guides & Resources are free auditor-curated references to help you plan future engagements.

Org size^*: ? ?

Supported in Audora Today

SOC 1 (Type 1 & Type 2)

Popular

Financial reporting controls, point-in-time or over a period. Map control objectives, sample effectively, and track evidence with reviewer sign‑offs.

Control objectivesSamplingEvidence lineageReviewer sign‑offs

View framework Start a trial

SOC 2 (Type 1 & Type 2)

Most used

Trust Services Criteria for design or operating effectiveness. Use TSC mapping, versioned evidence, and period testing in one place.

TSC mappingVersioningPeriod testingAutomations

View framework Start a trial

SOC 2 + HIPAA

Combined Engagement

Run your SOC 2 and HIPAA engagements together in a single Audora workflow. Shared evidence, unified control mapping, and coordinated review cycles reduce duplicate work and cut total engagement time.

Shared evidenceUnified controlsPHI safeguardsTSC mapping

View framework Start a trial

📖 Framework Guides & Resources

ℹ️ The frameworks below are free auditor-curated reference guides covering scope, effort estimates, timelines, and cost ranges to help you compare requirements and plan engagements. They are not yet available for end-to-end execution in Audora. Our roadmap is driven by what auditors need most. If a framework listed here or one you use today is a priority for your practice, let us know as your input directly shapes what we build next.

SOC 3

Coming Soon

Public Trust Services report for broad audiences. Understand how SOC 3 relates to SOC 2 work and what a publicly shareable summary looks like.

Public reportTSC coverageShareable summary

Read the guide

ISO 27001

Free Guide

Annex A control mapping, SoA linkage, and evidence roll‑ups. A global benchmark for information security management systems.

SoA linkageRisk tiesExports

Read the guide

HIPAA

Free Guide

Administrative, physical, and technical safeguards for PHI. Covers scope, effort, and what healthcare-adjacent organizations need to know.

PHI controlsReview gatesActivity log

Read the guide

PCI DSS

Free Guide

Scope cardholder data environments, understand artifact requirements, and plan your assessor engagement—without the spreadsheet chaos.

CDE scopingArtifact trackerAssessor notes

Read the guide

HITRUST

Free Guide

Requirement mapping across domains integrating HIPAA, ISO, and NIST. A reference for organizations navigating healthcare security compliance.

Requirements mappingAuditee assignmentsReviewer sign‑offs

Read the guide

Where to learn more about how Audora supports your audits?

Learn about Audora Features

Start a Free Trial

All Frameworks, One Auditor‑First Hub

How we define organization sizes*

SOC 1 (Type 1 & Type 2)

SOC 2 (Type 1 & Type 2)

SOC 2 + HIPAA

SOC 3

ISO 27001

HIPAA

PCI DSS

HITRUST

Compare frameworks

Where to learn more about how Audora supports your audits?

Audora

Resources

Frameworks

Company

Get in Touch