Compliance Engineering Framework Overview

| Framework | Scope | Key Requirements |
|-----------|-------|-----------------|
| SOC 2 | Service organizations | Security, availability, confidentiality, privacy, processing integrity |
| HIPAA | Healthcare data (PHI) | Encryption, access controls, audit logging, BAAs |
| GDPR | EU personal data | Consent, data minimization, right to erasure, DPIAs |
| PCI-DSS | Payment card data | Network segmentation, encryption, access controls, logging |
| FedRAMP | US government cloud | NIST 800-53 controls, continuous monitoring, authorization |

SOC 2 Controls…