This table shows the 9 compliance areas where NIS2 and GDPR controls overlap. When you mark a control as implemented in either framework, Venvera automatically propagates the status to the equivalent control in the other.
| Compliance Area | NIS2 | GDPR |
|---|---|---|
| Encryption | nis2-cr-01 | gdpr-se-04 |
| Key Management | nis2-cr-02 | gdpr-se-04 |
| Access Control | nis2-hr-02 | gdpr-se-05 |
| Incident Management | nis2-ih-01 | gdpr-bn-01 |
| Incident Reporting | nis2-ih-02 | gdpr-bn-02 |
| Business Continuity | nis2-bc-01 | gdpr-se-03 |
| Supplier Contracts | nis2-sc-03 | gdpr-cp-04 |
| Security Testing | nis2-ea-01 | gdpr-se-02 |
| Breach Notification | nis2-ih-02 | gdpr-bn-02, gdpr-bn-04 |
For details on how propagation works, thresholds, and the auto-mapped badge, see the Cross-Framework Control Propagation overview article.