Free, browser-based compliance reference tools for GRC analysts, security engineers, and auditors. Search controls, map frameworks, and prep for audits — no accounts, no API keys, no data stored.
Search all 93 ISO 27001:2022 Annex A controls and all 114 ISO 27001:2013 controls. Each entry includes a description, common audit evidence, and cross-version mapping between the 2013 and 2022 editions. Export filtered results to CSV.
Browse and search all NIST Cybersecurity Framework 2.0 subcategories across the six Functions — Govern, Identify, Protect, Detect, Respond and Recover. Includes implementation examples, informative references, and mapping to ISO 27001 controls.
Search all SOC 2 Trust Services Criteria across Security (CC), Availability, Confidentiality, Processing Integrity and Privacy. Each criterion includes audit evidence guidance and mapping to ISO 27001 and NIST CSF.
Built by a cybersecurity engineer for the GRC community. All tools are free, open, and run entirely in your browser.
Visit TheAdminStack ↗Every GRC platform sells you a dashboard. These tools give you the raw reference data — control IDs, descriptions, and the evidence your auditor will actually ask for — without a subscription, a sales call, or a cookie consent banner.
All tools run client-side. Nothing is sent to a server. Your searches stay on your machine.
Start with ISO 27001 →