This table shows the 8 compliance areas where DORA and GDPR controls overlap. When you mark a control as implemented in either framework, Venvera automatically propagates the status to the equivalent control in the other.
| Compliance Area | DORA | GDPR |
|---|---|---|
| Encryption | ict-10 | gdpr-se-04 |
| Access Control | ict-11 | gdpr-se-05 |
| Incident Management | inc-01 | gdpr-bn-01 |
| Incident Reporting | inc-05, inc-06 | gdpr-bn-02 |
| Business Continuity | ict-15 | gdpr-se-03 |
| Supplier Contracts | tpr-06, tpr-07 | gdpr-cp-04 |
| Security Testing | res-01 | gdpr-se-02 |
| Breach Notification | inc-05 | gdpr-bn-02, gdpr-bn-04 |
For details on how propagation works, thresholds, and the auto-mapped badge, see the Cross-Framework Control Propagation overview article.