Solutions
Compliance solutions by industry.
NIS2, SOC 2, ISO 27001, EU AI Act, and DORA are implemented differently in every sector. These playbooks show what Matproof covers for your specific industry × framework combination — with practical scope definitions, pain-points, and FAQs built from real European engagements.
New to a baseline? Start with our Cyber Essentials certification guide to map the five core controls before scoping a framework.
NIS2
NIS2 solutions
NIS2 for Banking
NIS2 compliance for banks and credit institutions. How NIS2 interacts with DORA, BaFin expectations, essential-entity obligations, supply chain security.
NIS2 for SaaS & Cloud Providers
NIS2 for SaaS, cloud computing, managed services and digital infrastructure providers. Essential-entity status, registration obligations, incident notification to ENISA and BSI.
NIS2 for Telecom & Electronic Communications
NIS2 for telecom operators, ISPs, and electronic communications providers. Overlap with European Electronic Communications Code (EECC), TKG in Germany, BSI + BNetzA supervision.
NIS2 for Public Sector & Government
NIS2 compliance for public administration, federal ministries, state authorities, and municipal IT. BSI supervision, BSI IT-Grundschutz alignment, public-sector-specific requirements.
NIS2 for Pharmaceuticals & Life Sciences
NIS2 compliance for pharma manufacturers and life sciences. Integration with GxP, Annex 11 GMP, medical-device cybersecurity, clinical-trial data security.
NIS2 for Water & Wastewater
NIS2 compliance for drinking water and wastewater operators. Essential-entity status, OT/ICS security for SCADA systems, BSI supervision, sector-specific guidance.
NIS2 for Logistics & Transport
NIS2 compliance for transport and logistics operators. Annex I essential entity coverage across air, rail, shipping, and road. OT security, supply-chain obligations, BSI supervision.
NIS2 for Digital Infrastructure (DNS, TLD, Trust Services)
NIS2 compliance for DNS operators, TLD registries, trust service providers (eIDAS), and core internet infrastructure. Size-independent essential-entity obligations.
SOC 2
SOC 2 solutions
SOC 2 for Fintech
SOC 2 Type 2 compliance for European fintech companies selling to US enterprises and financial services customers. EU-hosted alternative with dual ISO 27001 mapping.
SOC 2 for Health Tech & Digital Health
SOC 2 compliance for digital health and health-tech SaaS. Triple mapping with HIPAA (US) and GDPR (EU). EU-hosted platform for European health-tech selling to US hospitals and insurers.
SOC 2 for EdTech & Learning Platforms
SOC 2 compliance for EdTech SaaS selling to US K-12 school districts and higher education. Student data handling (FERPA, COPPA), SOC 2 + privacy stack from an EU-hosted platform.
ISO 27001
ISO 27001 solutions
ISO 27001 for Manufacturing
ISO 27001:2022 certification for manufacturers. Integration with TISAX (automotive), IEC 62443 (industrial cybersecurity), NIS2 Annex II obligations. OT/ICS-aware implementation.
ISO 27001 for Healthcare & Hospitals
ISO 27001:2022 for hospitals, health systems, and healthcare providers. Integration with B3S Krankenhaus (KRITIS), NIS2 Annex I essential entity status, and GDPR patient data.
ISO 27001 for Professional Services
ISO 27001:2022 for law firms, consulting, accounting and professional services. Client confidentiality, matter separation, privilege protection aligned with an ISMS.
ISO 27001 for SaaS (General)
ISO 27001:2022 for SaaS companies — certification path, scope definition, cloud subservice-org handling, dual mapping with SOC 2. EU-hosted platform with 40+ integrations.
ISO 27001 for Energy & Utilities
ISO 27001:2022 for energy and utility operators. Integration with BSI IT-Grundschutz, KRITIS obligations, NIS2 Annex I essential-entity status, OT/ICS security for power grids.
ISO 27001 for Pharmaceutical Manufacturing
ISO 27001:2022 for pharmaceutical manufacturers. Integrates with GMP Annex 11, GAMP 5 validated systems, and NIS2 Annex II obligations. Unified control framework for regulated pharma IT.
EU AI Act
EU AI Act solutions
EU AI Act for Legal Services
EU AI Act compliance for law firms using AI tools — contract review, e-discovery, legal research, document generation. Risk classification, KI-Kompetenz obligations, governance.
EU AI Act for Education & EdTech
EU AI Act compliance for schools, universities, and EdTech. AI in admissions, grading, academic integrity detection — often high-risk. Education-specific KI-Kompetenz, transparency, and vendor management.
EU AI Act for Public Sector
EU AI Act compliance for public sector: government, welfare, law enforcement, judiciary, immigration. Annex III high-risk categories apply directly. Matproof for public-sector AI governance.
EU AI Act for HR & Recruiting
EU AI Act for HR teams and recruiting platforms. Applicant screening, CV parsing, interview scoring — often high-risk under Annex III. KI-Kompetenz, FRIA, and transparency obligations.
Get started
Don't see your combination?
Matproof covers 11 frameworks in one platform. Whatever your industry, the underlying controls overlap — let us map your specific situation in a 30-minute call.