Adobe Common Controls Framework (Adobe CCF)
Adobe Common Controls Framework (Adobe CCF) trust center source set.
1versionAdobe Common Controls Framework (Adobe CCF) trust center source set
Framework library
Every Framework Your Reviewers Will Ask for. One Control Library.
Pre-Built Depth in Every Framework
178
Frameworks
30,956
Requirements
198
Mapped controls
19,287
Evidence specs
25,667
Test assertions
30
Integration sources
$1,500 to add the next oneUpdated Dec 27, 2025
- Cross-framework mapping:Map overlapping controls once so evidence carries across every standard you support
- Version-tracked:Spot framework updates early and close gaps before the next review cycle
- Evidence-linked:Tie every requirement to timestamped evidence with clear source context
- Auditor-ready exports:Generate control matrices and evidence packages that match what assessors actually request
178 Frameworks. Search Yours.
178
frameworksEvidence, Training, and Lifecycle Built into Every Framework
Automated Evidence Collection
19,287 evidence specifications across all public frameworks. 30 integration sources for automated collection from BC/DR Program Owner, GRC, Operations, Risk Management, and more.
BC/DR Program OwnerGRCOperationsRisk ManagementService OwnersAWSAzureAzure Monitor Logs Pull+22 more
Training Tied to Controls
Training requirements linked to framework controls with module assignments, cadence tracking, and completion evidence. Assessment question banks mapped to reviewer expectations.
Training modules tied to controls
Assessment questions with approved answers
Cadence and completion tracking
Audience-targeted assignments
Proactive Alerts and Remediation
Automated gap detection, deadline tracking, and remediation workflows across every framework. Stay ahead of review windows instead of reacting to them.
Evidence freshness alerts
Automation gap detection
Calendar deadline tracking
Remediation workflows
Map Once. Reuse Across Every Framework.
01
Choose Frameworks
Select the frameworks that apply to your next review cycle. Add more as your program grows.
02
Map to Controls
Link external requirements to one control library. Evidence stays reusable across frameworks.
03
Link Evidence
Attach evidence to controls with owners and freshness expectations. Set cadence and reminders.
04
Keep Current
Track approvals, changes, and cadence over time. Automate collection where integrations support it.
05
Share When Asked
Give reviewers structured access through Trust Center. Export organized files on demand.
AC-2 Account Management · 4 linked items
SOC 2 CC6.1, ISO A.9.2.1, CMMC AC.L2-3.1.1 stay attached to the same shared control instead of splitting into separate framework trackers.
One Library. Every Domain.
AI Governance
Access Control
Application Controls
Asset Management
Business Continuity
Change Management
Cloud Security
Configuration Management
Data Protection
Endpoint Security
Governance
HR Security
IT Service Management
Incident Response
Monitoring
Monitoring & Logging
Network Security
Physical Security
Privacy
Quality Management
Risk Management
Secure Software Development
Service Management
Training & Awareness
Vendor Management
Vulnerability Management
Different Frameworks, Same Six Questions
Access Control and Identity
What you can show
Evidence linked with source and timestamp
Governance and Approvals
What you can show
Policy versions, approval history, and decision trails
Incident Readiness
What you can show
Tabletop records, playbooks, and after-action items
Training Completion
What you can show
Assignment and completion records with dates
Vendor and Supplier Risk
What you can show
Due diligence records with follow-ups and decisions
Freshness and Timing
What you can show
Freshness tracking and change history between cycles
Framework Questions, Answered Plainly
Can I manage multiple frameworks at once?
Can I manage multiple frameworks at once?
Yes. Map multiple frameworks to one control library. Evidence linked to controls is designed to be reusable across overlapping frameworks. Plan limits apply.
Do I have to remap controls for each framework?
Do I have to remap controls for each framework?
No. Mapping is designed to be reused and updated instead of rebuilt. Add new frameworks or review cycles without starting over.
How do you prevent evidence from going stale?
How do you prevent evidence from going stale?
Every evidence item has an owner, a freshness cadence, and automated reminders. Aurora flags what is expiring before reviewers notice.
What happens when a reviewer asks for something new?
What happens when a reviewer asks for something new?
Give reviewers structured access through Trust Center, or export organized evidence packages when someone needs offline documents.
Does Aurora guarantee compliance outcomes?
Does Aurora guarantee compliance outcomes?
No. Aurora runs and documents compliance work. It does not guarantee certification, audit outcomes, or reviewer decisions.
Start with the Frameworks You Need This Quarter
Tell us the frameworks, renewals, or security reviews already on your calendar. We will show how Aurora reuses the same proof across all of them.
15-minute walkthrough. No obligation. See Aurora applied to your workflow with the exact outputs reviewers receive. (No compliance guarantees.)