This table shows the 23 compliance areas where SOC 2 and NIS2 controls overlap. When you mark a control as implemented in either framework, Venvera automatically propagates the status to the equivalent control in the other.
| Compliance Area | SOC 2 | NIS2 |
|---|---|---|
| Encryption | CC6.1, CC6.7 | nis2-cr-01 |
| Access Control | CC6.1 | nis2-hr-02 |
| Identity Management | CC6.2 | nis2-hr-02 |
| Authentication & MFA | CC6.1, CC6.3 | nis2-mf-01 |
| Access Rights Review | CC6.2, CC6.3 | nis2-hr-04 |
| Privileged Access Management | CC6.3 | nis2-hr-04 |
| Network Security | CC6.6 | nis2-ch-01 |
| Vulnerability Management | CC7.1 | nis2-ss-02 |
| Logging & Monitoring | CC7.1, CC7.2 | nis2-ea-02 |
| Incident Management | CC7.3, CC7.4 | nis2-ih-01 |
| Incident Classification | CC7.3 | nis2-ih-03 |
| Incident Reporting | CC7.5 | nis2-ih-02 |
| Incident Response Team | CC7.4 | nis2-ih-01 |
| Business Continuity | A1.1, A1.2 | nis2-bc-01 |
| Backup & Restoration | A1.2 | nis2-bc-02 |
| Third-Party Risk Management | CC9.2 | nis2-sc-01 |
| Supplier Due Diligence | CC9.2 | nis2-sc-02 |
| Risk Assessment | CC3.2 | nis2-ra-02, nis2-ra-03 |
| Information Security Policy | CC1.1 | nis2-ra-01 |
| Security Awareness & Training | CC1.4 | nis2-ch-02 |
| Change Management | CC8.1 | nis2-ss-04 |
| Secure Development | CC8.1 | nis2-ss-03 |
| Security Testing | CC4.1 | nis2-ea-01 |
For details on how propagation works, thresholds, and the auto-mapped badge, see the Cross-Framework Control Propagation overview article.