Integration

Integrated View

Durchgängige Verbindungen zwischen Risiken, Maßnahmen, Nachweisen und Reports.

Each risk maps to framework-specific measures. 18 risks → 103 measures.

RISK-001 HIGH 15/25

Cloud Provider Outage — Critical Services

→

DORA Art. 11 MaRisk AT 7.2 ISO 27001 A.8.14

RISK-002 HIGH 10/25

Unauthorized Data Modification in Core Banking

→

DORA Art. 9(4) MaRisk AT 7.2 ISO 27001 A.8.2

RISK-003 HIGH 12/25

Third-Party Data Leakage via API

→

DORA Art. 28 MaRisk AT 9 ISO 27001 A.8.11

RISK-004 HIGH 12/25

Critical ICT Service Provider Concentration

→

DORA Art. 28(3) MaRisk AT 9 ISO 27001 A.5.19

RISK-005 CRITICAL 20/25

TLPT Non-Compliance (Overdue)

→

DORA Art. 24-25 MaRisk AT 4.3.5

RISK-006 MEDIUM 12/25

Legacy System Single Point of Failure

→

DORA Art. 11(4) MaRisk AT 7.2

RISK-007 HIGH 15/25

Ransomware Attack on Critical Systems

→

DORA Art. 11 MaRisk BT 3.2 ISO 27001 A.8.7

RISK-008 MEDIUM 6/25

Sub-Contractor Non-Compliance Cascade

→

DORA Art. 30 MaRisk AT 9 ISO 27001 A.5.20

All 103 measures across the catalog require evidence artifacts.

103

Total Measures

Evidence Items

0.5

Avg Evidence/Measure

Evidence Coverage by Theme

Governance & Verantwortung 5 evidence items

IKT-Risikomanagement 3 evidence items

IKT-Drittparteienrisiko 5 evidence items

Digitale Resilienztests 6 evidence items

Schutz, Erkennung & Reaktion 4 evidence items

Evidence items feed into compliance reports across frameworks.

DORA

Compliance Report

89%

MaRisk

Status Report

75%

ISO 27001

Evidence Pack

90%

NIS2

Readiness Report

82%

Report Builder → Gap Analysis →