Appearance
Frameworks Overview
Modulos supports compliance across multiple AI governance frameworks. Each framework page in this section explains the regulation's scope, its key requirements, and exactly how Modulos maps controls to help you achieve and maintain compliance.
The frameworks below span AI-specific regulations (EU AI Act, ISO/IEC 42001, NIST AI RMF), data protection and cybersecurity rules (GDPR, NIS2, DORA, ISO 27001, ISO 27701), AI security standards (OWASP Top 10 for LLM and Agentic applications), and regional or corporate governance requirements (UAE AI Ethics, MAS FEAT, Microsoft Supplier DPR).
How frameworks work in Modulos
Modulos treats frameworks as structured collections of requirements — the specific obligations your organization must satisfy. You address requirements by implementing controls: documented policies, processes, or technical measures that prove compliance.
The key advantage of Modulos is cross-framework mapping:
- One control, multiple frameworks — A single control can satisfy requirements from several frameworks at once. For example, a model documentation control may cover EU AI Act Article 11, ISO 42001 Annex A.5, and NIST AI RMF Map 1.1 simultaneously.
- Framework versioning — Modulos tracks framework versions and notifies you when regulatory updates affect your projects, so you can assess impact before deadlines.
- Coverage indicators — Each framework page shows which requirements Modulos helps you address, making gap analysis straightforward.
Cross-framework efficiency
When a control satisfies requirements from multiple frameworks, you implement once and get coverage everywhere. Organizations typically reduce compliance effort by 40–60% compared to managing each framework independently.
AI-specific frameworks
EU AI ActAug 2026
European Union regulation on artificial intelligence systems.
Regulation: EU
ISO/IEC 42001
AI management system standard for responsible AI governance.
Standard: ISO
NIST AI RMF
Risk management framework for trustworthy AI systems.
Framework: NIST
OWASP Top 10 for LLM
Security risks for large language model applications.
Standard: OWASP
OWASP Top 10 for Agentic
Security risks for agentic AI applications and autonomous workflows.
Standard: OWASP
UAE AI Ethics
AI ethics principles and guidelines for the UAE.
Regulation: UAE
MAS FEAT
Fairness, Ethics, Accountability and Transparency for financial AI.
Regulation: SingaporeData protection and security
GDPR
General Data Protection Regulation for personal data.
Regulation: EU
NIS2
EU cybersecurity directive for essential and important entities.
Regulation: EU
DORA
EU digital operational resilience regulation for financial entities.
Regulation: EU
ISO/IEC 27001
Information security management system standard.
Standard: ISO
ISO/IEC 27701
Privacy information management extension to ISO 27001.
Standard: ISOVendor and supply chain
Disclaimer
The content on our website is provided "as is;" no representations are made that the content is up-to-date, complete or error-free. Further, the information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only.
Readers of this website should contact a legal expert to obtain advice with respect to any particular legal matter. Only your individual legal expert can provide assurances that the generalized information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation.
This website contains links to other third-party websites. Such links are only for the convenience of the reader, user or browser; Modulos AG does not recommend or endorse the contents of third-party sites.