This table shows the 7 compliance areas where SOC 2 and GDPR controls overlap. When you mark a control as implemented in either framework, Venvera automatically propagates the status to the equivalent control in the other.
| Compliance Area | SOC 2 | GDPR |
|---|---|---|
| Encryption | CC6.1, CC6.7 | gdpr-se-04 |
| Access Control | CC6.1 | gdpr-se-05 |
| Incident Management | CC7.3, CC7.4 | gdpr-bn-01 |
| Incident Reporting | CC7.5 | gdpr-bn-02 |
| Business Continuity | A1.1, A1.2 | gdpr-se-03 |
| Data Classification | CC6.5, C1.1 | gdpr-pr-03 |
| Security Testing | CC4.1 | gdpr-se-02 |
For details on how propagation works, thresholds, and the auto-mapped badge, see the Cross-Framework Control Propagation overview article.