Topic: regulatory-intelligence

2 posts on regulatory-intelligence.

18 June 202611 min read

NIS2 vs ISO 27001: a clause-by-clause working mapping (and where ISO stops short)

A practitioner mapping of every NIS2 Article 21(2) measure category to ISO 27001:2022 Annex A controls, grounded provision-by-provision. Plus the three places ISO leaves a real gap: the 24h/72h reporting clock, management liability, and supply chain depth — and why an ISO certificate is not NIS2 compliance.

nis2 iso-27001 compliance regulatory-intelligence mcp

15 June 20269 min read

What an MCP gateway is, and why compliance work needs one

Generic chat and RAG hallucinate regulatory citations and leave no audit trail. An MCP gateway adds routing, multi-source fan-out, tier auth, and deterministic citation validation on top of point MCP servers. Here's what each layer does and when you actually need it.

mcp compliance mcp-gateway citations regulatory-intelligence