Cross-framework control map

One matrix,
six frameworks.

Every Screeq compliance capability mapped to the frameworks it supports. The same control evidence is reused across audits — no duplicate work, no stale screenshots.

Request evidence pack Back to readiness

14-day free trial · No credit card · Cancel anytime

Capability in Screeq	GDPR	UAE PDPL	ISO 27001	ISO 27701	SOC 2	ISO 9001
Records of Processing Activities (RoPA)
DPIA register
DSAR intake & fulfilment with deadline cron
Consent history (immutable)
Cookie consent ledger
Breach incident register + notification dispatch
Sub-processor registry + change subscribers
Retention policies + automated purge
Hash-chained tamper-evident audit log
Access reviews (recertification)
MFA enforcement & session timeout
IP allowlist & SAML SSO scaffolding
Cryptographic key inventory + rotation cron
Field-level encryption status register
Secrets rotation log
SBOM reports
Secure code review log
Change management & deploys
Internal audit programme + findings
Management reviews
Risk treatment plan register
Vendor risk + cert-expiry alerts
ISMS scope document
ISO Statement of Applicability per tenant
JML events (joiner-mover-leaver)
Security training assignments + cadence
Physical & environmental controls register
Privacy-by-design SDLC gate
DR drills + cadence enforcement
Backup restore verifications (cron)
SLO measurements + continuity targets
Penetration testing engagements register
Status page incident history

A tick means Screeq operates a control that supports the framework. A dash means the framework does not require this control (not that it is absent). See each framework's readiness page for the verbatim public-claim language.