Total Compliance Tracking's portal can help you manage every type of audit your organization needs to fulfill. With dozens of ready‑made templates already tuned to standard audit requirements, plus the flexibility to add any custom type of audit for a nominal one‑time set‑up fee, you can take control of your entire audit universe with TCT's portal.
We're constantly adding more free templates for standard audit requirements to make it easy for you to start managing compliance today. If you don't see yours listed, please let us know and we'll be happy to add any industry standard audit requirements at no cost to you, since others will need them also. Contact us for any special audit requirements ‑ we'll get you on your way to audit mastery in no time!
Examples of ready‑made audit templates available in TCT's Portal include (but are not limited to):
| 23 NYCRR 500 | New York State Department of Financial Services 23 NYCRR 500 |
| BSA / AML | Bank Secrecy Act / Anti‑Money Laundering Examination |
| CCPA | The California Consumer Privacy Act of 2018 |
| CIS Controls v7 | Center for Internet Security Controls v7 |
| CIS Controls v7.1 | Center for Internet Security Controls v7.1 |
| CJIS v5.8 | Criminal Justice Information Services Security Policy |
| CMMC v1.02 | Cybersecurity Maturity Model Certification v1.02 |
| DOE STR | Department of Energy Security Technical Requirements |
| eCFR | Electronic Code of Federal Regulations |
| EIS | Center for Internet Security ‑ Elections Infrastructure Security |
| Exostar | Exostar GAPS |
| FedRAMP ‑ Low | Federal Risk and Authorization Management Program Security Controls ‑ Low |
| FedRAMP ‑ Medium | Federal Risk and Authorization Management Program Security Controls ‑ Medium |
| FedRAMP ‑ High | Federal Risk and Authorization Management Program Security Controls ‑ High |
| FFIEC ‑ BCP | Federal Financial Institutions Examination Council's ‑ Business Continuity Planning |
| FFIEC ‑ IS | Federal Financial Institutions Examination Council's ‑ Information Security |
| FFIEC ‑ M | Federal Financial Institutions Examination Council's ‑ Management |
| GDPR | General Data Protection Regulation |
| GLBA | The Gramm–Leach–Bliley Act |
| HECVAT | Higher Education Cloud Vendor Assessment Tool |
| HIPAA | Health Insurance Portability and Accountability Act |
| HIPAA‑HITECH | Health Insurance Portability and Accountability Act Plus Health Information Technology for Economic and Clinical Health Privacy and Breach Requirements |
| ISO 27001 | International Organization for Standardization 27001 |
| ISO 27002 | International Organization for Standardization 27002 |
| NAID | National Association for Information Destruction |
| NIST 800‑171 | National Institute of Standards and Technology 800‑171 |
| NIST 800‑53 ‑ Low | National Institute of Standards and Technology 800‑53 ‑ Low |
| NIST 800‑53 ‑ Mod | National Institute of Standards and Technology 800‑53 ‑ Mod |
| NIST 800‑53 ‑ High | National Institute of Standards and Technology 800‑53 ‑ High |
| NIST 800‑66 | National Institute of Standards and Technology 800‑66 |
| NIST CSF 1.1 | National Institute of Standards and Technology Cybersecurity Framework v1.1 |
| OCIE | Securities and Exchange Commission ‑ Office of Compliance Inspections and Examinations |
| P11 FDA | Part 11 Food and Drug Administration |
| P2PE | Payment Card Industry ‑ Point‑To‑Point Encryption |
| PA DSS v3.2 | Payment Application Data Security Standard v3.2 |
| PCI DSS 3DS ROC v1.0 | Payment Card Industry Data Security Standard ‑ 3‑D Secure v1.0 |
| PCI DSS P2PE 3.2.1 | Payment Card Industry Data Security Standard ‑ Point‑To‑Point Encryption |
| PCI DSS PIN ROC v3.1 | Payment Card Industry Data Security Standard Personal Identification Number Security Requirements v3.1 |
| PCI DSS ROC 3.2.1 | Payment Card Industry Data Security Standard v3.2.1 Report On Compliance |
| PCI DSS SROC 3.2.1 | Payment Card Industry Data Security Standard Supplemental Report on Compliance ‑ Designated Entities |
| PCI DSS SAQ P2PE 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire Point‑To‑Point Encryption v3.2.1 |
| PCI DSS SAQ‑A 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑A v3.2.1 |
| PCI DSS SAQ‑A‑EP 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑A‑EP v3.2.1 |
| PCI DSS SAQ‑B 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑B v3.2.1 |
| PCI DSS SAQ‑B‑IP 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑B‑IP v3.2.1 |
| PCI DSS SAQ‑C 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑C v3.2.1 |
| PCI DSS SAQ‑C‑VT 3.2.1 | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑C‑VT v3.2.1 |
| PCI DSS SAQ‑D 3.2.1 M | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑D v3.2.1 Merchant |
| PCI DSS SAQ‑D 3.2.1 SP | Payment Card Industry Data Security Standard Self‑Assessment Questionnaire‑D v3.2.1 Service Provider |
| PIPEDA | Personal Information Protection and Electronic Documents Act |
| Reg SCI | Regulation Systems Compliance and Integrity ‑ Obligations |
| SIG LITE | Standardized Information Gathering LITE Questionnaire |
| SOC 2 ‑ 2016 | Systems and Organizations Controls 2 ‑ 2016 Trust Services Principle |
| SOC 2 ‑ 2017 | Systems and Organizations Controls 2 ‑ 2017 Trust Services Criteria |
| SOX | Sarbanes‑Oxley Act |
Not seeing your audit requirements listed above?
Don't worry. If your audit requirements aren't included in the list above, Total Compliance Tracking can still help you manage any compliance requirements. Ask us if we have a template in the works, or we will help you apply custom templates to your Total Compliance Tracking portal for a nominal, one‑set set up fee.
Want to see it in action?
We'll give you a custom demo.
