Frameworks
Every framework you answer to — in one platform
Most organizations in the region don't answer to one framework — they juggle a local regulator, an international standard, a payments mandate and a privacy law at once. HAiCapita ships control libraries for the frameworks below, then lets you map one control to many frameworks so a single piece of evidence satisfies all of them.
HAiCapita helps you implement controls and assemble evidence; the certificate itself is always granted by an accredited third-party auditor, not by us.
AI governance (flagship)
ISO/IEC 42001 (AI management system) — our flagship — plus the surrounding AI-assurance family: ISO/IEC 23894, 42005, 22989, 42006, 38507, 5338 and the EU Artificial Intelligence Act. The most complete AI-governance control set on the platform.
ISO standards
ISO/IEC 27001 (information security) and 27002, ISO/IEC 27017 (cloud security), ISO/IEC 27018 (PII in public cloud), ISO 22301 (business continuity), and more across the ISO families. Author a control once and crosswalk it across every ISO standard you operate.
Security & payments
SOC 2 (AICPA Trust Services Criteria), PCI DSS for payment-card environments, and NIST CSF — the controls most often demanded by enterprise customers and partners.
Egypt & MENA regulators + privacy
The CBE Financial Cybersecurity Framework (Egypt), NTRA requirements (Egypt), the Egypt Personal Data Protection Law (PDPL), plus privacy regimes including GDPR and sector frameworks such as HIPAA. Built in Egypt, so the local mandates are first-class, not afterthoughts.
Frequently asked questions
How does one control satisfy many frameworks?
HAiCapita crosswalks controls across frameworks. You author a control and attach evidence once; the platform maps it to every framework whose requirement it meets, so you maintain one control set instead of duplicating work per standard.
Does HAiCapita issue compliance certificates?
No. HAiCapita makes you audit-ready — control libraries, gap analysis and assembled evidence. Formal certificates (ISO, SOC 2, etc.) are granted by accredited independent auditors after their assessment.