---
title: "GRC Artifacts and Compliance Guides"
canonical_url: "https://www.sorena.io/artifacts"
source_url: "https://www.sorena.io/artifacts/us"
author: "Sorena AI"
description: "Browse Sorena AI GRC artifacts, compliance decision maps, timelines, checklists, and implementation guides for EU, UK, US, and global standards."
keywords:
  - "GRC artifacts"
  - "governance risk and compliance"
  - "compliance artifacts"
  - "compliance checklists"
  - "compliance checklist"
  - "compliance calendar"
  - "compliance deadlines calendar"
  - "compliance templates"
  - "policy templates"
  - "audit checklist"
  - "decision maps"
  - "compliance decision maps"
  - "cybersecurity compliance"
  - "privacy compliance"
  - "product compliance"
  - "EU compliance"
  - "UK compliance"
  - "US privacy compliance"
  - "NIS2 guide"
  - "Cyber Resilience Act CRA guide"
  - "EU Data Act guide"
  - "EU DORA guide"
  - "ISO 27001 implementation guide"
  - "NIST CSF 2.0 guide"
  - "ETSI EN 303 645 guide"
  - "Sorena AI"
---
**[SORENA](https://www.sorena.io/)** - AI-Powered GRC Platform

[Home](https://www.sorena.io/) | [Solutions](https://www.sorena.io/solutions) | [Artifacts](https://www.sorena.io/artifacts) | [About Us](https://www.sorena.io/about-us) | [Contact](https://www.sorena.io/contact) | [Portal](https://app.sorena.io)

---

# GRC Artifacts and Compliance Guides - US

*Artifacts*

## Governance, Risk, and Compliance Artifacts

GRC artifacts generated by Sorena AI from a simple prompt. What you see here is a snapshot, and they age fast. Our Copilot regenerates, combines, and tailors them to your context on demand. Our Autopilot evaluates where you stand, finds the gaps, and acts on them.

[Stop auditing yourself](/solutions/assessment.md)

*Filter: US | Page 1 of 2*

*Web UI pagination: 2 pages. This markdown export includes all 11 artifacts.*

## Available Artifacts

### [FIPS 140-3 Implementation Guide](/artifacts/global/fips-140-3.md)

Practical guide to validation scope, module boundary design, requirements, and evidence needed for FIPS 140-3 readiness.
By Sorena AI | Updated 2026-03-04

### [FIPS Standards Hub](/artifacts/global/fips-standards-hub.md)

Hub for FIPS cryptographic and module-validation standards, with implementation guidance, evidence artifacts, and migration pathways.
By Sorena AI | Updated 2026-03-04

### [FIPS-Approved Crypto Algorithms Guide](/artifacts/global/fips-crypto-algorithms.md)

Guide to approved algorithms, deprecations, migration planning, and implementation evidence across FIPS crypto standards.
By Sorena AI | Updated 2026-03-04

### [NIST CSF 2.0 Implementation Guide](/artifacts/global/nist-csf-2-0.md)

Practical guide to current/target profiles, governance, metrics, and evidence artifacts for NIST CSF 2.0 adoption.
By Sorena AI | Updated 2026-03-04

### [NIST Frameworks Hub](/artifacts/global/nist-frameworks-hub.md)

Hub for NIST frameworks and publications with practical implementation guidance, evidence artifacts, and cross-mappings.
By Sorena AI | Updated 2026-03-04

### [NIST SP 800-161 Rev. 1 C-SCRM Guide](/artifacts/global/nist-sp-800-161-rev-1.md)

Practical guide to cyber supply chain risk management program design, controls, and evidence artifacts aligned to NIST SP 800-161.
By Sorena AI | Updated 2026-03-04

### [NIST SP 800-218 SSDF Implementation Guide](/artifacts/global/nist-sp-800-218-ssdf.md)

Practical guide to SSDF practices, SDLC controls, and audit-ready evidence artifacts aligned to NIST SP 800-218.
By Sorena AI | Updated 2026-03-04

### [NIST SP 800-53 Rev. 5 Controls Guide](/artifacts/global/nist-sp-800-53-rev-5.md)

Practical guide to control selection, tailoring, implementation patterns, and evidence artifacts aligned to NIST SP 800-53 Rev. 5.
By Sorena AI | Updated 2026-03-04

### [NIST SP 800-61 Rev. 3 Incident Response Guide](/artifacts/global/nist-sp-800-61-rev-3.md)

Practical guide to incident response lifecycle design, playbooks, severity models, and evidence artifacts aligned to NIST SP 800-61 Rev. 3.
By Sorena AI | Updated 2026-03-04

### [US CPRA Timeline and Decision Flow](/artifacts/us/california-privacy-rights-act.md)

A CPRA artifact with key dates and a decision flow to help teams understand scope, consumer rights, and business obligations under California privacy law.
By Sorena AI | Updated 2026-02-22

### [US CCPA Timeline and Decision Flow](/artifacts/us/california-consumer-privacy-act.md)

A CCPA artifact with key dates and a decision flow to help teams understand scope, consumer rights, and business obligations.
By Sorena AI | Updated 2026-02-21

## Pagination

Pages: [1](/artifacts/us.md) | [2](/artifacts/us/page/2.md)

## Want these tailored to your needs?

Get a customised guideline aligned to your organisation, systems, and deadlines, with clear actions your team can execute.

[Talk to an expert](/contact.md)


---

[Privacy Policy](https://www.sorena.io/privacy) | [Terms of Use](https://www.sorena.io/terms-of-use) | [DMCA](https://www.sorena.io/dmca) | [About Us](https://www.sorena.io/about-us)

(c) 2026 Sorena AB (559573-7338). All rights reserved.

Source: https://www.sorena.io/artifacts/us