Compliance solutions by industry.
NIS2, SOC 2, ISO 27001, EU AI Act, and DORA are implemented differently in every sector. These playbooks show what Matproof covers for your specific industry × framework combination — with practical scope definitions, pain-points, and FAQs built from real European engagements.
NIS2 solutions
NIS2 for Banking
NIS2 compliance for banks and credit institutions. How NIS2 interacts with DORA, BaFin expectations, essential-entity obligations, supply chain security.
NIS2 for SaaS & Cloud Providers
NIS2 for SaaS, cloud computing, managed services and digital infrastructure providers. Essential-entity status, registration obligations, incident notification to ENISA and BSI.
NIS2 for Telecom & Electronic Communications
NIS2 for telecom operators, ISPs, and electronic communications providers. Overlap with European Electronic Communications Code (EECC), TKG in Germany, BSI + BNetzA supervision.
NIS2 for Public Sector & Government
NIS2 compliance for public administration, federal ministries, state authorities, and municipal IT. BSI supervision, BSI IT-Grundschutz alignment, public-sector-specific requirements.
NIS2 for Pharmaceuticals & Life Sciences
NIS2 compliance for pharma manufacturers and life sciences. Integration with GxP, Annex 11 GMP, medical-device cybersecurity, clinical-trial data security.
NIS2 for Water & Wastewater
NIS2 compliance for drinking water and wastewater operators. Essential-entity status, OT/ICS security for SCADA systems, BSI supervision, sector-specific guidance.
NIS2 for Logistics & Transport
NIS2 compliance for transport and logistics operators. Annex I essential entity coverage across air, rail, shipping, and road. OT security, supply-chain obligations, BSI supervision.
NIS2 for Digital Infrastructure (DNS, TLD, Trust Services)
NIS2 compliance for DNS operators, TLD registries, trust service providers (eIDAS), and core internet infrastructure. Size-independent essential-entity obligations.
SOC 2 solutions
SOC 2 for Fintech
SOC 2 Type 2 compliance for European fintech companies selling to US enterprises and financial services customers. EU-hosted alternative with dual ISO 27001 mapping.
SOC 2 for Health Tech & Digital Health
SOC 2 compliance for digital health and health-tech SaaS. Triple mapping with HIPAA (US) and GDPR (EU). EU-hosted platform for European health-tech selling to US hospitals and insurers.
SOC 2 for EdTech & Learning Platforms
SOC 2 compliance for EdTech SaaS selling to US K-12 school districts and higher education. Student data handling (FERPA, COPPA), SOC 2 + privacy stack from an EU-hosted platform.
ISO 27001 solutions
ISO 27001 for Manufacturing
ISO 27001:2022 certification for manufacturers. Integration with TISAX (automotive), IEC 62443 (industrial cybersecurity), NIS2 Annex II obligations. OT/ICS-aware implementation.
ISO 27001 for Healthcare & Hospitals
ISO 27001:2022 for hospitals, health systems, and healthcare providers. Integration with B3S Krankenhaus (KRITIS), NIS2 Annex I essential entity status, and GDPR patient data.
ISO 27001 for Professional Services
ISO 27001:2022 for law firms, consulting, accounting and professional services. Client confidentiality, matter separation, privilege protection aligned with an ISMS.
ISO 27001 for SaaS (General)
ISO 27001:2022 for SaaS companies — certification path, scope definition, cloud subservice-org handling, dual mapping with SOC 2. EU-hosted platform with 40+ integrations.
ISO 27001 for Energy & Utilities
ISO 27001:2022 for energy and utility operators. Integration with BSI IT-Grundschutz, KRITIS obligations, NIS2 Annex I essential-entity status, OT/ICS security for power grids.
ISO 27001 for Pharmaceutical Manufacturing
ISO 27001:2022 for pharmaceutical manufacturers. Integrates with GMP Annex 11, GAMP 5 validated systems, and NIS2 Annex II obligations. Unified control framework for regulated pharma IT.
EU AI Act solutions
EU AI Act for Legal Services
EU AI Act compliance for law firms using AI tools — contract review, e-discovery, legal research, document generation. Risk classification, KI-Kompetenz obligations, governance.
EU AI Act for Education & EdTech
EU AI Act compliance for schools, universities, and EdTech. AI in admissions, grading, academic integrity detection — often high-risk. Education-specific KI-Kompetenz, transparency, and vendor management.
EU AI Act for Public Sector
EU AI Act compliance for public sector: government, welfare, law enforcement, judiciary, immigration. Annex III high-risk categories apply directly. Matproof for public-sector AI governance.
EU AI Act for HR & Recruiting
EU AI Act for HR teams and recruiting platforms. Applicant screening, CV parsing, interview scoring — often high-risk under Annex III. KI-Kompetenz, FRIA, and transparency obligations.
Don't see your combination?
Matproof covers 11 frameworks in one platform. Whatever your industry, the underlying controls overlap — let us map your specific situation in a 30-minute call.