Fintech & regulatory

Compliance

How the current policy set maps to common compliance frameworks. Coverage is advisory: it is measured against the controls mapped in opserapol, not the full framework, and is not an audit artifact.

PCI DSS4.0100%

Payment Card Industry Data Security Standard

14 of 14 mapped controls covered
SOC 22017 TSC100%

AICPA Trust Services Criteria (Security)

6 of 6 mapped controls covered
CIS Kubernetes Benchmarkv1.8100%

Section 5 — policies enforceable at admission

16 of 16 mapped controls covered
NIST SP 800-53rev. 5100%

Security and privacy controls

13 of 13 mapped controls covered
ISO/IEC 270012022100%

Annex A controls

7 of 7 mapped controls covered
DORAEU 2022/2554100%

Digital Operational Resilience Act (EU financial entities)

5 of 5 mapped controls covered
SOC 2 2017 TSCsoc2
6/6 (100%)
ControlTitleMapped policies
CC6.1Logical access security software and architectures restrict access
CC6.6Boundary protection systems guard against threats from outside system boundaries
CC6.8Controls prevent or detect unauthorized or malicious software
CC7.1Vulnerabilities are identified, monitored and evaluated
CC7.2Anomalies indicative of malicious acts are monitored and analyzed
CC8.1Changes to infrastructure and software are authorized, tested and approved