NorthGRC Standards Overview

Any GRC standard featured in NorthGRC is always connected to the rest.

When you work with one standard in NorthGRC, you are simultaneously working with the others as well, as they are all mapped to each other.

We call it 'Connected Compliance', and it is both cost- and time-efficient.


ISO 27001 & ISO 27002

ISO 27001 and ISO 27002 are the backbone of NorthGRC and set international standards for information security management everywhere. We integrate ISO 27001/2 principles into our GRC platform, ensuring robust security, data protection, and regulatory compliance.



NIS2, or the EU Directive on Network and Information Security, mandates cybersecurity standards for critical infrastructure in the EU. The NorthGRC platform is fully compliant with NIS2, enhancing the protection of networks and information with our comprehensive GRC solution.


GDPR & ISO 27701

NorthGRC empowers compliance with GDPR and ISO 27701 requirements, securing personal data within our comprehensive GRC platform, while the platform seamlessly integrates with information security measures to connect your entire compliance work holistically.



ESG (Environmental, Social, Governance) and CSRD (Corporate Sustainability Reporting Directive) foster sustainable business practices. Integrate ESG reporting and the CSRD into your NorthGRC platform to elevate your corporate responsibility initiatives and enhance transparency.



TISAX (Trusted Information Security Assessment Exchange) plays a crucial role in upholding cyber and information security within the automotive industry. NorthGRC seamlessly links and merges the TISAX standard with all other standards on our platform, creating a harmonized cybersecurity approach.



Digital Operational Resilience Act (DORA) ensures robustness and, as the name states, resilience in the financial sector in the EU. With NorthGRC, you can incorporate DORA alongside other GRC standards, ensuring a connected approach to governance, risk, and compliance in the financial industry.


ISO 9001

ISO 9001 guarantees quality management. In the NorthGRC platform, the ISO 9001 principles are fully integrated, offering effective quality control alongside other governance, risk, and compliance standards for enhanced organizational performance and resilience.


ISO 14001

ISO 14001 focuses on environmental management. Work with ISO 14001 in our holistic GRC platform, enabling you to effectively manage environmental footprints alongside other governance, risk, and compliance initiatives for sustainable and secure business practices.


CIS 18

CIS 18 is a framework for cybersecurity controls. In NorthGRC you can leverage the "connected compliance" philosophy when working with the implemented CIS 18 controls. Manage cybersecurity effectively within the NorthGRC platform to enhance cybersecurity and risk mitigation using CIS 18 and other standards and frameworks.


"NSM Grunnprinsipperne"

NSM Grunnprinsipperne and ISO 27001/2 set information security bars high for companies operating in Norway. Leveraging both in NorthGRC enhances your InfoSec program nationally and internationally, ensuring comprehensive compliance with regulatory requirements, and thereby elevating your overall GRC strategy.



Normen, a Norwegian information security standard, complements ISO 27001/2 and NSM Grunnprinsipperne for health care companies and for the processing of health information. In NorthGRC, you can work with Normen to enhance the GRC program with tailored measures, ensuring compliance with both local regulations and international standards, thus fortifying information security practices for Norwegian organizations.


"Statens Tekniske Minimumskrav"

Statens Tekniske Minimumskrav outlines technical security requirements in Denmark. Working with information security in NorthGRC, you have a paved way to compliance with Statens Tekniske Minimumskrav and all the other InfoSec standards already connected and mapped in our platform.


More standards will be added

We are constantly committed to enhancing our clients' GRC strategies. Therefore, we are dedicated to expanding the NorthGRC library with additional relevant standards. Get in touch with us for further details and potential plans for a specific standard.


Tools for everything in one platform.


All the tools you need to manage and connect the standards you want to work with to enhance your Governance, Risk, and Compliance efforts.
