Controls management
178+ pre-mapped controls covering NIS2, DORA, GDPR, and ISO 27001 with cross-framework mapping
The problem
Implementing requirements from multiple frameworks simultaneously leads to duplicate controls, redundant efforts, and confusion about cross-framework correspondences. Teams spend considerable time manually mapping NIS2, DORA, and ISO 27001 controls.
Our solution
Conformitly provides over 178 pre-mapped controls with automatic cross-framework correspondences. A control satisfied for one framework automatically covers equivalent requirements in other frameworks, significantly reducing compliance effort.
Key capabilities
Cross-framework mapping
Pre-established correspondences between NIS2, DORA, GDPR, and ISO 27001 controls. A validated ISO 27001 control automatically covers equivalent NIS2 requirements, avoiding duplicate efforts.
Status and maturity tracking
Each control has a status (not started, in progress, implemented, validated) and a maturity level. Filters by framework, domain, status, and owner enable action prioritization.
Evidence management
Attach evidence directly to controls: documents, screenshots, links to policies, audit reports. Each piece of evidence is timestamped and versioned for traceability.
Pre-configured controls per framework
22 NIS2 controls (Art. 21), 63 DORA requirements (5 pillars), 93 ISO 27001 controls (Annex A 2022), and GDPR requirements, all pre-filled with descriptions, objectives, and expected evidence.