
# Compliance

Compliance provides a structured view of the compliance posture of scanned environments by mapping detected issues to supported cybersecurity frameworks.

It helps users understand which compliance controls are affected by discovered vulnerabilities and allows them to prioritize remediation based on exposure, severity, and control coverage.

<figure><img src="/files/EHk9AZTLkEkH6cqpZ9Rm" alt=""><figcaption><p>Compliance</p></figcaption></figure>

### Compliance Framework Selection

<figure><img src="/files/PfPU6CLz1zXSPvbYlvNd" alt=""><figcaption><p>Compliance Framework Selection</p></figcaption></figure>

Compliance Framework Selection allows users to choose a supported compliance document for the selected scan.

The available compliance frameworks may include:

**ISO/IEC 27001:** International information security management standard.

**NCA Essential Cybersecurity Controls:** Cybersecurity control framework published by the National Cybersecurity Authority.

**SAMA Cybersecurity Framework:** Cybersecurity framework used for organizations regulated by the Saudi Central Bank.

**UAE Information Assurance Regulation:** Information assurance regulation used to evaluate cybersecurity controls and requirements.

<figure><img src="/files/zQ7PMPTCxnxDKmWrhzn6" alt=""><figcaption><p><strong>ISO/IEC 27001 example</strong></p></figcaption></figure>

### Compliance Summary

<figure><img src="/files/dsREaEjoJZ7Ev8t1ziAU" alt=""><figcaption><p>Compliance Summary</p></figcaption></figure>

Compliance Summary provides an overview of the selected compliance framework based on the vulnerabilities detected in the scan.

**Compliances:** The number of compliance controls that are included in the selected framework.

**Affected Controls:** The number of controls that are impacted by detected vulnerabilities.

**Compliance Ratio:** The ratio of unaffected controls to the total number of controls.

### Severities

<figure><img src="/files/VqmYaGKFdxqyEFv8lD4q" alt=""><figcaption><p>Severities</p></figcaption></figure>

Severities show the distribution of detected vulnerabilities that are mapped to the selected compliance framework.

### Most and Least Compliant Controls

<figure><img src="/files/jqEKPyqQXS8ZumYxxJyc" alt=""><figcaption><p>Most and Least Compliant Controls</p></figcaption></figure>

#### **Most Compliant Controls**

Controls with the lowest ratio of detected vulnerabilities to the total number of vulnerabilities mapped to the control.

These controls have fewer detected vulnerabilities relative to their compliance coverage and therefore represent stronger compliance performance.

#### **Least Compliant Controls**

Controls with the highest ratio of detected vulnerabilities to the total number of vulnerabilities mapped to the control.

These controls have a larger proportion of detected vulnerabilities within their mapped compliance coverage and therefore require greater remediation attention.

### Compliance Controls Table

<figure><img src="/files/JV2tIUT3rN9ldhag4VtN" alt=""><figcaption><p>Compliance Controls Table</p></figcaption></figure>

Compliance Controls Table lists the controls in the selected compliance framework and shows how many mapped vulnerabilities are detected for each control.

**Control ID:**\
The unique identifier of the compliance control.

**Control Name:**\
The name or title of the compliance control.

**Ratio:**\
Shows the number of detected mapped vulnerabilities compared to the total number of mapped vulnerabilities for the control.

**Total Exposure Point:**\
The total exposure score calculated from detected vulnerabilities mapped to the control.

Users can click a control to view detailed information about related vulnerabilities and rationales.
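The following is an added example, not FSProtect code, that reproduces the Compliance Summary figures, the per-control Ratio, and the most/least compliant ranking from a control-to-vulnerability mapping. All identifiers and data are constructed; giving a control with no mapped vulnerabilities a ratio of 0 and breaking ties by Control ID are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Control:
    control_id: str
    name: str
    mapped: frozenset  # IDs of all vulnerabilities mapped to this control

# Constructed sample data (hypothetical control and vulnerability IDs).
CONTROLS = [
    Control("CTRL-01", "Access control", frozenset({"V1", "V2", "V3", "V4"})),
    Control("CTRL-02", "Logging", frozenset({"V2", "V5"})),
    Control("CTRL-03", "Backup", frozenset({"V6", "V7"})),
    Control("CTRL-04", "No mappings", frozenset()),
]
# V9 is detected but mapped to no control, so it must not affect any figure.
DETECTED = frozenset({"V1", "V2", "V3", "V9"})

def control_rows(controls, detected):
    """Rows of (control_id, detected_mapped, total_mapped, ratio)."""
    rows = []
    for c in controls:
        hits, total = len(c.mapped & detected), len(c.mapped)
        # Assumption: a control with no mapped vulnerabilities has ratio 0.
        rows.append((c.control_id, hits, total, hits / total if total else 0.0))
    return rows

def summary(controls, detected):
    """Compliances, Affected Controls and Compliance Ratio as defined above."""
    rows = control_rows(controls, detected)
    total = len(rows)
    affected = sum(1 for r in rows if r[1] > 0)
    return {
        "compliances": total,
        "affected_controls": affected,
        # Unaffected controls over total controls.
        "compliance_ratio": (total - affected) / total if total else 1.0,
    }

def ranked(controls, detected, n=2):
    """Return (most_compliant_ids, least_compliant_ids), ties broken by ID."""
    rows = control_rows(controls, detected)
    most = sorted(rows, key=lambda r: (r[3], r[0]))[:n]
    least = sorted(rows, key=lambda r: (-r[3], r[0]))[:n]
    return [r[0] for r in most], [r[0] for r in least]

if __name__ == "__main__":
    print(summary(CONTROLS, DETECTED))
    print(ranked(CONTROLS, DETECTED))
```
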

### Control Details

<figure><img src="/files/kzijXYJj43iGgjtXMPqt" alt=""><figcaption><p>Access Control Details</p></figcaption></figure>

Control Details provides detailed information about a selected compliance control and the vulnerabilities associated with it.

The page displays the control identifier, control description, environment information, and the ratio of detected vulnerabilities compared to the total number of vulnerabilities mapped to the control.

Users can review all detected vulnerabilities related to the selected control, including their severity levels, MITRE ATT&CK tactics, and exposure points.

For each vulnerability, a dedicated **View Rationale** action is available within the table. Users can review the rationale explaining why the vulnerability is mapped to the selected compliance control without leaving the current page.

<figure><img src="/files/1AWG9blFFQS2mpGEX3Ro" alt=""><figcaption><p>View Rationale</p></figcaption></figure>

