Skip to main content
You don’t pick a framework to read a marketing checklist. You pick one to prove — to an auditor, a customer, a regulator — that the control it asks for is actually running on the path your agents use. OrcaRouter ships a catalog of frameworks as installable packs, and every framework in that catalog maps to the same guardrail and firewall machinery the rest of your workspace runs, plus a signed report that snapshots what was caught. This page lists the real framework registry and shows how each one turns into evidence. For the install-and-go-live arc, start at the Compliance overview.

1. The ai compliance frameworks in the catalog

The catalog is the live registry — browse it under Compliance → Catalog rather than hard-coding a count, since packs are added over time. As of this writing it spans general security and AI-governance standards, sector regimes, and a wide set of regional privacy laws. The console groups them into five category tabs: ai, privacy, security, financial, and healthcare.
eu_ai_act · nist_ai_rmf · iso_42001 · owasp_llm · colorado_ai. OWASP LLM Top 10 ships as a real installable pack (owasp_llm), not only a control-mapping view — see OWASP LLM Top 10.
soc2 · iso_27001 · nist_800_53 · cmmc. General trust and information-security standards mapped to the content and action planes.
pci_dss · glba · dora_eu. Payment, banking, and operational- resilience regimes — PAN masking, secret hygiene, dangerous-tool controls, and egress evidence.
hipaa · hitrust. PHI redaction, de-identification, and transmission- security egress guards.
gdpr · uk_gdpr · ccpa · china_pipl · appi_jp · pipa_kr · lgpd_br · pipeda_ca · dpdp_in · privacy_au · pdpa_sg · vcdpa_va · cpa_co · ctdpa_ct · ucpa_ut · tdpsa_tx · ferpa · coppa. Each carries data-minimisation, special-category handling, and processing-record controls tuned to the jurisdiction.
Each pack carries an effective date and the month its control mapping was last reviewed, both surfaced on the catalog and the report — so an auditor can see how current the mapping is, not just that it exists.

2. What “evidence” means for a framework

Installing a pack materializes two real, editable objects in your workspace, and they are what the report reads:
  • one Guardrail — the content-plane controls (PII, PHI, secrets, unsafe output) the framework expects on requests and responses;
  • one or more Firewall policy rules — the action- plane controls (which tool calls, MCP dispatches, and egress destinations are allowed or audited).
Because the objects are real, the framework’s evidence is not a self-attestation — it is the live state and match history of controls your traffic already crosses. A report snapshots that state at generation time across eight evidence sections (coverage, enforcement, consent, change log, admin access, gaps, subprocessors, and access reviews), so the artifact stays self-contained even after logs age out.
Evidence sectionWhat it captures
CoverageWhich in-scope controls are satisfied by an installed pack
EnforcementWhether each control is live or still in observe mode
Change logThe versioned history of policy edits behind the controls
Reports also snapshot consent, admin-access, and gaps sections; see Pack contents for the full map of controls a pack lays down.
A framework’s in-scope checklist is the union of pack-covered controls and the organizational clauses (workforce training, BAAs, DPIAs, physical access) that can never be gateway-automated. Those organizational items always render as a disclosed ⚠ Gap with guidance — so completeness is honest, never silently 100%.

3. One concrete flow: SOC 2

Suppose you need SOC 2 evidence. As a workspace Admin on a paid plan, install the pack from the console under Compliance → Catalog. The console drives the management route for you using your session (not a relay key): 
POST /api/compliance/packs/soc2/install
Authorization: Bearer <your console session>
The soc2 pack materializes a guardrail that masks confidential PII and records guardrail decisions, plus a firewall rule that audits every tool dispatch — mapped to TSC CC6.1, CC7.2. It lands in observe mode, so nothing your agents do is interrupted while you watch the match and event feeds. When the feeds look clean, go live and generate the report: 
POST /api/compliance/packs/soc2/golive
The report comes out Ed25519-signed and SHA-256-hashed, exportable as CSV, JSON, or PDF, and publicly verifiable — your auditor confirms it with OrcaRouter’s public key, no account needed. The organizational SOC 2 clauses (change management, risk assessment) appear as disclosed gaps with guidance, because they live in your process, not the gateway.
Browsing the catalog, installed packs, and readiness is open to every workspace Member and is free. Only the Admin who owns rollout needs install, go-live, and residency — so your audit reviewers can watch readiness without write access.

4. Reading the registry programmatically

The catalog and readiness reads are open to Members, so a reviewer or a CI job can pull the current framework list and per-control status without write access. The console uses your session for these management routes: 
GET /api/compliance/catalog      # the live framework registry
GET /api/compliance/readiness    # per-control satisfied / gap status
Don’t hard-code a framework count or list into your own tooling. The catalog is the source of truth and grows over time. Read /api/compliance/catalog and key off the framework key (soc2, hipaa, eu_ai_act, …) rather than a name string.

5. From framework to the controls underneath

A framework is a view of controls you can also configure directly. If you want to understand or tune what a pack lays down — or build the same coverage by hand — the deep references are:

Guardrails

The content-plane reference — PII and PHI entities, secrets, unsafe output, and the block / mask / flag actions a pack uses.

Agent Firewall

The action-plane reference — tool, MCP, and egress rules and the audit / deny / sanitize verdicts behind a pack’s firewall policy.

What a pack contains

The exact guardrail and firewall objects each framework materializes.

Control matrix

Every control mapped across frameworks in one grid.

6. Per-framework pages

The frameworks with their own focused page:

SOC 2

HIPAA

GDPR

EU AI Act

ISO 27001

ISO 42001

NIST AI RMF

OWASP LLM Top 10

PCI DSS

CCPA

7. Where this fits

Observe vs enforce

Land every pack in observe mode first; read the signal before go-live.

Signed report

How a report is hashed and signed, and what an auditor verifies.

Shared responsibility

What the gateway secures versus what stays yours — the honest boundary behind any framework claim.

Enforcement modes

Observe, audit, and enforce — the shared vocabulary behind go-live.
The catalog grows, but the shape never changes: pick a framework, install its pack, observe what it catches, go live, and hand your auditor a signed report mapped clause-by-clause to controls your traffic actually crossed.