---
title: Compliance Assessment
description: Score your cloud infrastructure against 57 benchmarks including CIS, SOC 2, GDPR, HIPAA and NIST. AI-generated remediation roadmap. Audit-ready on demand.
url: https://www.getobok.com/compliance-assessment
---

# Compliance Assessment

> Score your cloud infrastructure against 57 benchmarks including CIS, SOC 2, GDPR, HIPAA and NIST. AI-generated remediation roadmap. Audit-ready on demand.

Obok's Compliance Assessment product scores your cloud infrastructure against 57 security and regulatory benchmarks, generates a prioritized remediation roadmap, and produces audit-ready reports — all without consultants or spreadsheets.

## Frameworks covered (57 benchmarks)

### AWS benchmarks
- CIS AWS Foundations Benchmark (v1.2 through v6.0)
- CIS Compute Services Benchmark v1.0.0
- CIS Controls v8 IG1
- NIST 800-53 (Revision 4 & 5)
- NIST Cybersecurity Framework (CSF) v1.1 & v2.0
- NIST 800-171 Revision 2
- NIST 800-172
- PCI DSS v3.2.1 & v4.0
- FedRAMP Low & Moderate Revision 4
- GDPR
- HIPAA (Final Omnibus Security Rule 2013 & Security Rule 2003)
- SOC 2
- FFIEC
- CISA Cyber Essentials
- ACSC Essential Eight
- GxP 21 CFR Part 11 & EU Annex 11
- NYDFS 23
- RBI Cyber Security Framework & ITF-NBFC
- AWS Foundational Security Best Practices
- Audit Manager Control Tower Guardrails

### Azure benchmarks
- CIS Azure Foundations Benchmark (v1.3 through v5.0)
- FedRAMP High
- HIPAA HITRUST 9.2
- NIST CSF v2.0
- NIST SP 800-171 Revision 2
- NIST SP 800-53 Revision 5
- PCI DSS v3.2.1
- RBI IT Framework for NBFC

### OCI benchmarks
- CIS Oracle Cloud Infrastructure Foundations Benchmark (v1.1.0 through v3.0.0)

### GCP benchmarks
- CIS Google Cloud Platform Foundations Benchmark (v1.2 through v4.0)
- CFT Scorecard v1
- Forseti Security v2.26.0
- HIPAA
- NIST 800-53 Revision 5
- NIST CSF v1.0 & v2.0
- PCI DSS v3.2.1
- SOC 2 2017

## Cloud services covered

### Amazon Web Services
EC2, S3, IAM, RDS, Lambda, CloudTrail, VPC, and 40+ additional services

### Microsoft Azure
Azure AD, Storage, VMs, SQL, Key Vault, Monitor and more

### Google Cloud Platform
IAM, GCS, Compute Engine, BigQuery, Cloud SQL and more

## How it works

1. Connect your cloud account with read-only access in 5 minutes
2. Obok scores your infrastructure against all applicable benchmarks
3. An AI-generated remediation roadmap prioritizes what to fix first
4. Audit-ready reports available on demand for any framework
5. Re-score at any time to track compliance progress

## Cloud providers supported

- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform (GCP)
- Oracle Cloud Infrastructure (OCI)

## Key benefits

- **57 benchmarks in one scan** — single assessment covers all major security and regulatory frameworks
- **Audit-ready reports** — export compliance evidence for auditors on demand, any time
- **AI remediation roadmap** — step-by-step fixes prioritized by risk and compliance impact
- **Continuous tracking** — monitor compliance score changes over time as you remediate
- **No consultants required** — connect in 5 minutes, first score in under 10

## Who uses compliance assessment

- **Security teams** preparing for SOC 2 or PCI DSS audits
- **Engineering teams** enforcing CIS hardening standards
- **Compliance officers** tracking GDPR and HIPAA obligations in cloud infrastructure
- **CTOs and CISOs** needing a real-time view of their compliance posture

## Related products

- [Cloud Security](https://www.getobok.com/cloud-security) — Detect threats and misconfigurations in real time
- [Cloud Cost Optimization](https://www.getobok.com/cloud-cost-optimization) — Find and eliminate cloud waste

## Get started

[Get your first compliance score free](https://www.getobok.com/pricing) — connect one account in 5 minutes.