Framework Mappings

See how ECGF controls map to European and international cybersecurity frameworks.

Mapping Philosophy

ECGF controls are derived from European regulations first, then mapped to international frameworks. This ensures European sovereignty while maintaining interoperability.

Tier 1 — Priority Frameworks

Primary mapping targets with full coverage analysis

🇪🇺 European Union

NIS2 Directive logo

NIS2 Directive

article requirements

Complete
100%
Coverage
EU AI Act logo

EU AI Act

key articles

Comprehensive
100%
Coverage

🇬🇧 United Kingdom

UK Cyber Essentials logo

UK Cyber Essentials

themes

Comprehensive
100%
Coverage

🌐 International

ISO 27001:2022 logo

ISO 27001:2022

Annex A controls

Comprehensive
98%
Coverage

GDPR

Planned

NCSC CAF

Planned

ISO 42001

Planned

Tier 2 — National Frameworks

EU member state and national cybersecurity frameworks

BSI Grundschutz

Planned

BSI C5

Planned

ANSSI SecNumCloud

Planned

Spanish ENS

Planned

Italian ACN

Planned

Dutch BIO

Planned

Tier 3 — Specialized Frameworks

Sector-specific and specialized compliance frameworks

DORA

Planned

CRA

Planned

EUCS

Planned

eIDAS 2.0

Planned

TISAX

Planned

ISO 27017

Planned

ISO 27018

Planned

ISO 27701

Planned
View All Mappings on GitHub