# Compliance

Akto's **Compliance Dashboard** provides a centralized view to monitor how your agentic security posture aligns with major compliance frameworks. It maps detected issues from agent components, MCP endpoints, and LLM integrations to specific compliance controls, making it easy to track audit readiness and identify areas requiring attention.

This dashboard offers actionable insights, visual summaries, and exportable reports to help maintain compliance across your autonomous systems.


### 📍 Accessing the Compliance Dashboard

1. Go to the **Reports** section in the left sidebar
2. Click on **Compliance**
3. Use the dropdown to select a compliance standard (e.g., SOC 2, HIPAA)
4. View the mapped issues from agent components and the visual summaries, and export reports as needed

***

#### 📋 Standards Covered

Akto supports the following compliance standards for agentic systems:

* **OWASP Agentic Top 10** - Security risks and protections for autonomous AI agents
* **OWASP LLM** - Top vulnerabilities specific to large language model applications
* **EU AI Act** - Regulatory compliance for AI systems based on risk classification
* **NIST AI Risk Management Framework** - Structured risk management for AI systems and agents
* **CIS Controls** - Critical security controls adapted for autonomous systems
* **Cybersecurity Maturity Model Certification (CMMC)** - Defense contractor compliance for agent deployments
* **CSA CCM** - Cloud Security Alliance controls for AI agents
* **FISMA** - Federal information security for government AI systems
* **FedRAMP** - Federal risk authorization for cloud-based agents
* **GDPR** - Data protection compliance for LLM and agent data processing
* **HIPAA** - Healthcare data security for medical AI agents
* **ISO 27001** - Information security management for agentic systems
* **NIST 800-171** - Controlled unclassified information protection
* **NIST 800-53** - Security controls for AI agent implementations
* **PCI DSS** - Payment card security for e-commerce agents
* **SOC 2** - Service Organization Control requirements for AI agent security
* **OWASP** - General web application security best practices
* **MITRE ATLAS** - Adversarial tactics and techniques for AI systems

Each standard includes mapped issues from agent components aligned with specific control requirements.


