amr/hermes-brain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9f52f99092bd1aaf2405095a1671e859077608e9
hermes-brain/ideas/compliance/_index.org
Hermes 44299599f9 gbrain: sync converted org-mode brain files
2026-05-23 06:35:21 +00:00

80 lines
4.1 KiB
Org Mode
Raw Blame History

:PROPERTIES:
:ID: e4a7b3d2-1c9f-4b6e-8a2d-5f3c7e1b9a0c
:CREATED: [2026-05-23 Sat]
:UPDATED: [2026-05-23 Sat]
:END:
#+title: Compliance Framework Index — Global Regulated Industries
#+filetags: :passepartout:triad:compliance:global:index:hub:
The verification monopoly and domain gate package revenue streams depend on
selling into regulated industries. These industries buy compliance, not software.
Each framework below maps to a gate package the triad can sell — ACL2-verified
gate rules that produce deterministic audit trails.
See [[file:first-mover-window.org][First-mover window analysis]] and [[file:revenue-table.org][Revenue table]] for the consolidated view.
* US Frameworks
- [[file:hipaa.org][HIPAA]] — Health privacy ($50K/yr, 500K+ orgs)
- [[file:soc2.org][SOC 2]] — Service organization controls ($50K/yr, 100K+ orgs)
- [[file:fedramp.org][FedRAMP]] — Federal cloud authorization ($100K/yr, 1K providers)
- [[file:sox.org][SOX]] — Financial controls ($50K/yr, 10K orgs)
- [[file:glba.org][GLBA]] — Financial privacy ($40K/yr, 20K orgs)
- [[file:ny-dfs-500.org][NY DFS 500]] — NY financial cybersecurity ($30K/yr, 3K orgs)
- [[file:ccpa-cpra.org][CCPA/CPRA]] — California privacy ($40K/yr, 50K+ orgs)
* Canada
- [[file:quebec-law-25.org][Quebec Law 25]] — Provincial privacy ($25K/yr, 10K+ orgs)
* UK and EU
- [[file:gdpr.org][GDPR]] — EU privacy ($50K/yr, 500K+ orgs)
- [[file:uk-gdpr.org][UK GDPR]] — UK privacy ($40K/yr, 100K+ orgs)
- [[file:nis2.org][NIS2]] — Network security ($50K/yr, 160K orgs)
- [[file:eu-ai-act.org][EU AI Act]] — AI regulation ($75K/yr, 100K+ orgs)
- [[file:dora.org][DORA]] — Financial resilience ($50K/yr, 22K+ orgs)
- [[file:eidas2.org][eIDAS 2.0]] — Digital identity ($30K/yr, 10K+ orgs)
- [[file:cra.org][CRA]] — Product cybersecurity ($40K/yr, 50K+ orgs)
* Asia-Pacific
- [[file:appi.org][APPI]] — Japan privacy ($40K/yr, 100K+ orgs)
- [[file:ismap.org][ISMAP]] — Japan cloud authorization ($75K/yr, 500 providers)
- [[file:pipa.org][PIPA]] — South Korea privacy ($35K/yr, 50K+ orgs)
- [[file:privacy-act-aus.org][Privacy Act]] — Australia privacy ($35K/yr, 50K+ orgs)
- [[file:apra-cps-234.org][APRA CPS 234]] — Australian financial security ($40K/yr, 500 orgs)
- [[file:irap.org][IRAP]] — Australian cloud authorization ($75K/yr, 300 providers)
- [[file:dpdp-act.org][DPDP Act]] — India privacy ($30K/yr, 500K+ orgs)
* Latin America
- [[file:lgpd.org][LGPD]] — Brazil privacy ($30K/yr, 200K+ orgs)
- [[file:lfp-dppp.org][LFPDPPP]] — Mexico privacy ($25K/yr, 50K+ orgs)
* International
- [[file:iso-27001.org][ISO 27001]] — ISMS ($40K/yr, 60K+ orgs)
- [[file:iso-27701.org][ISO 27701]] — Privacy management ($35K/yr, 1K+ orgs)
- [[file:basel-iii.org][Basel III]] — Banking capital ($100K/yr, 500 G-SIBs)
- [[file:fatf.org][FATF]] — AML/CFT ($50K/yr, 50K+ orgs)
- [[file:ifrs.org][IFRS 17]] — Insurance accounting ($75K/yr, 5K+ orgs)
- [[file:oecd.org][OECD Guidelines]] — Privacy/AI principles (indirect)
- [[file:world-bank-esf.org][World Bank ESF]] — Development finance ($50K/yr)
- [[file:ifc-ps.org][IFC PS]] — Project finance ($50K/yr)
- [[file:un-cefact.org][UN/CEFACT]] — Trade facilitation ($30K/yr, 50K+ orgs)
* Strategic View
| Region | Frameworks | Total TAM | First-mover priority |
|--------|-----------|-----------|---------------------|
| US | 7 | ~$33B | FedRAMP (procurement gate), NY DFS 500 (growing) |
| UK/EU | 7 | ~$24B | NIS2 (2025 deadline), AI Act (Aug 2026), DORA (in effect) |
| Asia-Pacific | 7 | ~$9B | DPDP (rules drafting), ISMAP/IRAP (gov cloud gates) |
| Latin America | 2 | ~$7B | LGPD (largest LATAM market) |
| International | 9 | ~$4.5B | ISO 27001 (universal baseline), World Bank/IFC (no market exists) |
Next: [[file:first-mover-window.org][First-mover window analysis]] | [[file:revenue-table.org][Full revenue table]]
See also: [[file:../../ideas/verification-monopoly.org][Verification monopoly]], [[file:../../ideas/domain-gate-packages.org][Domain gate packages]],
[[file:../../ideas/compute-marketplace.org][Compute marketplace]], [[file:../../ideas/infrastructure-lock-in.org][Infrastructure lock-in]]
Reference in New Issue View Git Blame Copy Permalink