Subscribing to Frameworks
Before Guardian Pro can evaluate your compliance posture against a framework, you need to subscribe to it. Subscribing tells Guardian Pro which frameworks are relevant to your organisation, so your Compliance Dashboard shows only the standards that matter to you.
Available Frameworks
Guardian Pro supports four compliance frameworks:
| Framework | Version | Focus | Recommended For |
|---|---|---|---|
| CIS AWS Foundations Benchmark | 5.0 | Security baseline for AWS accounts | Every AWS environment -- the universal starting point |
| SOC 2 | Trust Services Criteria | Security, availability, confidentiality | SaaS providers, service organisations, companies handling customer data |
| GDPR | EU Regulation 2016/679 | Data protection and privacy | Any organisation processing EU personal data |
| AWS Well-Architected | Current | Operational excellence, security, reliability, performance, cost, sustainability | Architecture reviews, best-practice alignment |
You can subscribe to one framework, multiple frameworks, or all four simultaneously. There is no limit on the number of frameworks you can subscribe to.
How to Subscribe
From Settings
- Navigate to Settings in the left sidebar.
- Click Frameworks.
- You will see all available frameworks listed with their descriptions.
- Toggle on the frameworks you want to enable.
- Click Save.
After subscribing to a new framework, your compliance score for that framework will be calculated during the next scan. If you have recent scan data, the framework may be evaluated immediately using existing results.
From the Compliance Dashboard
If you visit the Compliance Dashboard before subscribing to any frameworks, you will see a prompt to select your frameworks:
- Click Select Frameworks (or the equivalent call-to-action).
- Choose the frameworks relevant to your organisation.
- Confirm your selection.
This navigates you through the same subscription flow as the Settings page.
Choosing the Right Frameworks
Selecting the right frameworks depends on your organisation's industry, regulatory requirements, and goals:
Start with CIS
The CIS AWS Foundations Benchmark is the most universally applicable framework. It provides a security baseline that every AWS environment should meet, regardless of industry or size. If you are unsure where to start, begin here.
Add Regulatory Frameworks
If your organisation has specific regulatory requirements, add the relevant framework:
- Handling EU personal data? Subscribe to GDPR to monitor data protection controls.
- Undergoing SOC 2 audits? Subscribe to SOC 2 to track your Trust Services Criteria compliance continuously.
Include Well-Architected
The AWS Well-Architected Framework is valuable for organisations focused on architecture quality, reliability, and cost efficiency. It complements security-focused frameworks by evaluating operational excellence, performance, and sustainability.
Subscribing to multiple frameworks gives you the broadest compliance coverage. Many automated checks are shared across frameworks, so a single remediation action can improve scores across multiple frameworks simultaneously.
What Happens When You Subscribe
When you subscribe to a framework:
- Controls are loaded -- The framework's controls appear in your Compliance Dashboard controls list.
- Checks are mapped -- Guardian Pro maps its automated checks to the framework's controls.
- Evaluation begins -- Controls are evaluated against your current scan results (or during the next scan if no recent data is available).
- Score is calculated -- Your compliance score for the framework is computed as the percentage of passing controls.
- Dashboard updates -- A score card for the framework appears on your Compliance Dashboard.
The entire process is automatic and takes just seconds.
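An added illustration of the mapping and scoring steps above, and of the earlier point that a single remediation can raise several framework scores at once. This is not Guardian Pro code: the check names, control IDs, and the rule that a control passes only when every mapped check passes are assumptions made for the example.

```python
# Added illustration, not Guardian Pro code. Check names and control IDs are
# constructed; "a control passes only if all mapped checks pass" is an assumption.
from typing import Dict, Iterable, List, Set

# framework -> control id -> automated checks mapped to that control (constructed)
MAPPINGS: Dict[str, Dict[str, List[str]]] = {
    "CIS": {
        "cis-a": ["root_mfa_enabled"],
        "cis-b": ["s3_block_public_access"],
        "cis-c": ["cloudtrail_enabled", "cloudtrail_log_validation"],
    },
    "SOC 2": {
        "soc-a": ["root_mfa_enabled", "iam_password_policy"],
        "soc-b": ["cloudtrail_enabled"],
    },
    "GDPR": {
        "gdpr-a": ["s3_block_public_access", "s3_default_encryption"],
        "gdpr-b": ["cloudtrail_enabled"],
    },
}

def score(framework: str, passing_checks: Set[str]) -> float:
    """Percentage of the framework's controls that pass, as the page describes."""
    controls = MAPPINGS[framework]
    if not controls:
        return 0.0
    passed = sum(
        1 for checks in controls.values()
        if all(check in passing_checks for check in checks)
    )
    return round(100 * passed / len(controls), 1)

def scores(subscribed: Iterable[str], passing_checks: Set[str]) -> Dict[str, float]:
    """Score cards exist only for subscribed frameworks; the checks run regardless."""
    return {fw: score(fw, passing_checks) for fw in subscribed}

def frameworks_affected(check: str, subscribed: Iterable[str]) -> List[str]:
    """Subscribed frameworks with at least one control mapped to this check."""
    return sorted(
        fw for fw in subscribed
        if any(check in checks for checks in MAPPINGS[fw].values())
    )

# Constructed scan result: root MFA and CloudTrail are the two failing checks.
BEFORE = {"s3_block_public_access", "s3_default_encryption",
          "iam_password_policy", "cloudtrail_log_validation"}
AFTER = BEFORE | {"cloudtrail_enabled"}  # one remediation: CloudTrail turned on
```

Comparing `scores(MAPPINGS, BEFORE)` with `scores(MAPPINGS, AFTER)` shows all three scores moving after the one fix, because `cloudtrail_enabled` is mapped to a control in each framework.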
Unsubscribing from a Framework
If a framework is no longer relevant to your organisation, you can unsubscribe:
- Navigate to Settings > Frameworks.
- Toggle off the framework you want to remove.
- Click Save.
What Happens When You Unsubscribe
- The framework's score card is removed from your Compliance Dashboard
- Controls for that framework are no longer displayed in the controls list
- Historical compliance data for the framework is retained (not deleted)
- If you re-subscribe later, your historical trends will still be available
Unsubscribing removes the framework from your active dashboard view, but it does not disable the underlying automated checks. Those checks continue to run as part of Guardian Pro's scanning process and will still generate findings visible in the Action Centre. Unsubscribing only affects how results are presented on the Compliance Dashboard.
Exceptions and Evidence
When you unsubscribe from a framework:
- Exceptions you created for that framework's controls are preserved. If you re-subscribe, the exceptions will still be active.
- Evidence attached to that framework's controls is preserved. If you re-subscribe, the evidence will still be available.
Framework Updates
Compliance frameworks are updated periodically by their governing bodies. When Guardian Pro updates to a new version of a framework:
- New controls may be added to the framework
- Existing controls may be modified or removed
- Check mappings are updated to reflect the new requirements
- Your score may change as a result of new or modified controls
Guardian Pro notifies you when a framework version is updated. Review the changes to understand how they affect your compliance posture, and check whether any new controls require attention.
Multi-Account Framework Selection
Framework subscriptions apply at the organisation level, not per-account. When you subscribe to a framework, it is evaluated across all accounts in your Guardian Pro environment.
This ensures consistent compliance monitoring across your entire AWS estate. You can still filter the Compliance Dashboard by account to see per-account results within a subscribed framework.
Recommended Combinations
Here are framework combinations recommended for common use cases:
SaaS Provider
| Framework | Reason |
|---|---|
| CIS AWS Foundations Benchmark | Security baseline |
| SOC 2 | Customer trust and audit readiness |
| Well-Architected | Architecture quality and reliability |
Financial Services
| Framework | Reason |
|---|---|
| CIS AWS Foundations Benchmark | Security baseline |
| SOC 2 | Regulatory compliance |
| GDPR | Data protection (if serving EU customers) |
Healthcare / Life Sciences
| Framework | Reason |
|---|---|
| CIS AWS Foundations Benchmark | Security baseline |
| GDPR | Data protection |
| Well-Architected | Reliability and resilience |
Startup / Early Stage
| Framework | Reason |
|---|---|
| CIS AWS Foundations Benchmark | Essential security hygiene |
As you grow and encounter specific compliance requirements (customer requests for SOC 2, EU expansion requiring GDPR), add frameworks incrementally.
You can subscribe to additional frameworks at any time. There is no downside to adding a framework -- it simply gives you additional visibility into your compliance posture. If a framework turns out to be less relevant than expected, you can unsubscribe without losing any data.
Frequently Asked Questions
Can I subscribe to all four frameworks at once?
Yes. There is no limit on the number of frameworks you can subscribe to. Subscribing to all four gives you the broadest compliance visibility.
Does subscribing affect my scan performance?
No. Framework subscriptions do not change what is scanned. The same automated checks run regardless of which frameworks you have subscribed to. Subscribing to a framework only affects how results are mapped, scored, and displayed on the Compliance Dashboard.
I subscribed but do not see a score yet. Why?
Compliance scores are calculated using scan results. If you subscribed to a framework before running your first scan, run a scan from the Dashboard to generate the data needed for compliance evaluation.
Can different team members see different frameworks?
Framework subscriptions apply to the entire organisation. All users see the same subscribed frameworks on the Compliance Dashboard. Individual users can filter the dashboard to focus on specific frameworks, but the subscription itself is organisation-wide.