Frameworks
Collected once, hashed once, answered four times.
One collected signal — a Defender for Cloud recommendation, an Azure Policy compliance state, an Entra MFA report — lands against every NIS2, DORA, ISO 27001:2022 Annex A, and CIS v8 control it satisfies. Pre-mapped libraries mean you do not rebuild the mapping per audit.
- Entra MFA coverage NIS2 Art. 21(2)(j) · DORA RTS · ISO A.5.17 · CIS 6.3
- Entra Conditional Access NIS2 Art. 21(2)(c) · DORA RTS · ISO A.8.2 · CIS 6.1
- Entra privileged roles NIS2 Art. 21(2)(i) · DORA RTS · ISO A.5.18 · CIS 5.4
- Intune device compliance NIS2 Art. 21(2)(h) · DORA RTS · ISO A.8.1 · CIS 4.1
- Defender for Cloud secure score NIS2 Art. 21(2)(d) · DORA RTS · ISO A.8.8 · CIS 7.1
- Azure Policy compliance states NIS2 Art. 21(2)(b) · DORA RTS · ISO A.5.36 · CIS 4.2
- Azure Activity Log NIS2 Art. 21(4) · DORA RTS · ISO A.8.15 · CIS 8.2
- Read-only collectors ISO 27001:2022 A.5.36 · hashed at collection time
From signal to audit pack.
-
Signal collected
A read-only collector pulls an Entra MFA report, an Intune compliance state, or a Defender for Cloud recommendation and pins it to a collection timestamp.
-
Hashed into the ledger
The record is SHA-256 hashed and appended. Each mapped entry carries its hash and timestamp — entries are added, never edited in place.
-
Mapped to controls
The signal lands against every NIS2 Article 21, DORA, ISO 27001:2022 Annex A, and CIS v8 control it satisfies. One collection, four framework answers.
-
Exported in the audit pack
Pick a framework, business unit, or audit period. The pack bundles the Microsoft source record, control mapping, and ledger hash for your auditor.
See the mapping on your tenant.
30-day trial, one Microsoft tenant, no credit card. Connect with read-only consent and export your first pack.