---
title: "Compliance"
description: "Policy packs mapped to CIS Benchmarks, NIST 800-53, ISO 27001, NSA/CISA Kubernetes Hardening Guidance, SOC 2, and PCI-DSS. Pre-built policy sets for common regulatory frameworks."
diataxis: reference
applies_to:
  product: "kyverno"
audience: ["platform-engineer","devsecops"]
last_updated: 2026-03-25
url: https://docs.nirmata.io/docs/policy-sets/compliance/
---


Compliance policy packs mapped to industry standards and regulatory frameworks for Kubernetes.

## Standards Covered

- **CIS Kubernetes Benchmark** — Center for Internet Security controls
- **NIST 800-53** — National Institute of Standards and Technology controls
- **ISO 27001** — Information security management controls
- **NSA/CISA Kubernetes Hardening Guidance** — Government hardening recommendations
- **SOC 2** — Service Organization Control 2 requirements
- **PCI-DSS** — Payment Card Industry Data Security Standard

All compliance policies are available in the [Nirmata policy library on GitHub](https://github.com/nirmata/kyverno-policies/tree/main/compliance).