Affordable Software For Security Assessments

Hello all,
Do any of you more experienced folks know where to find affordable software for use in security compliance assessments for areas listed below:
Do any of you more experienced folks know where to find affordable software for use in security compliance assessments for areas listed below:
- HIPAA/HITECH
- 800-115
- PCI DSS
- FedRAMP
- 800-53
- 800-171
- 800-66
- NIST CSF
- ISO 27001
If I were to pick one that I'm absolutely looking for it's the HIPAA/HITECH assessment software, however if you know about a comprehensive solution that'll be very awesome as well. As always thanks in advance for your suggestions, tips, and comments.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Comments
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
You should check out the Implementing Controls for HIPAA Compliance videos here on InfoSec, it talks about a free SRA tool that was developed by the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR). This tool is designed to help healthcare providers conduct a security risk assessment as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Service (CMS) Electronic Health Record (EHR) Incentive Program. Hope this helps.
Have a good day.
@cshkuru That CSET tool looks to be specifically for people evaluating security of Critical Infrastructure. Even the diagrams are critical-infrastructure specific. Do you think there's an equivalent of the CSET tool for your typical business configuration? Examples below:
1. An accounting office with 50-100 employees.
2. A Marketing firm with 1000-10000 employees.
3. A Transportation corporation with 10,000 - 50,000 employees.
Anyways, still, thanks for engaging the thread.