Control Catalogue
Comprehensive security and privacy controls derived from European regulations and standards.
Under Development
The control catalogue is currently being developed. View the latest controls in the GitHub repository.
Access Control (AC)
6 controlsIdentity, authentication, authorization, and access management controls.
Artificial Intelligence (AI)
12 controlsAI system lifecycle, risk management, and ethical AI controls.
Asset Management (AM)
4 controlsAsset inventory, classification, and lifecycle management.
Audit & Accountability (AU)
3 controlsAudit logging, monitoring, and accountability controls.
Business Continuity (BC)
6 controlsBusiness continuity planning, disaster recovery, and resilience.
Change Management (CM)
2 controlsChange management, configuration management, and version control.
Cryptography (CR)
2 controlsEncryption, key management, and cryptographic controls.
Data Protection & Privacy (DP)
5 controlsData privacy, processing, retention, and subject rights.
Governance & Strategy (GOV)
6 controlsStrategy, policy, roles, and organizational governance.
Human Resources Security (HR)
4 controlsHR security, background checks, and personnel management.
Incident Response (IR)
8 controlsDetection, response, and recovery from security incidents.
Network Security (NS)
4 controlsNetwork architecture, segmentation, and traffic controls.
Physical Security (PS)
2 controlsPhysical security, access control, and environmental protection.
Risk Management (RM)
3 controlsRisk assessment, treatment, monitoring, and review.
Security Awareness & Training (SA)
4 controlsSecurity awareness training and education programs.
Supply Chain Security (SC)
3 controlsThird-party risk, vendor management, and supply chain security.
Secure Development (SD)
3 controlsSecure coding, DevSecOps, and application security.
Vulnerability & Assessment (VA)
3 controlsVulnerability management, penetration testing, and security assessments.