Compliance Matrix

The Compliance Matrix maps CERTINext capabilities to major security and regulatory frameworks, enabling organizations to demonstrate compliance and audit readiness.

Compliance Mapping Table

CERTINext Capability

SOC 2

ISO 27001

NIST

eIDAS / ETSI

Certificate Inventory & Visibility

CC7

A.8 Asset Management

ID.AM

ETSI EN 319

Role-Based Access Control (RBAC)

CC6

A.9 Access Control

eIDAS Access Control

Audit Logging & Monitoring

CC7

A.12 Logging

ETSI Audit Requirements

Certificate Lifecycle Automation

CC8

A.12 Operations Security

ETSI Lifecycle Controls

Key Management & Rotation

CC6

A.10 Cryptography

IA / SC

ETSI Key Management

Policy Enforcement

CC5

A.5 Information Security Policies

ETSI Policy Compliance

Vulnerability Detection

CC7

A.12.6 Technical Vulnerabilities

ETSI Risk Controls

Incident Response Support

CC7

A.16 Incident Management

ETSI Incident Handling

CA Governance & Trust Management

CC6

A.15 Supplier Relationships

Qualified Trust Services

Reporting & Compliance Evidence

CC7

A.18 Compliance

ETSI Audit Reporting

Key Points

Supports WebTrust and ETSI audit environments
Aligns with CA/B Forum requirements
Enables Qualified Certificate workflows (eIDAS)
Provides audit-ready reporting and evidence

PreviousCompliance and Regulatory Alignment NextUser Management

Last updated 1 month ago

hashtagCompliance Mapping Table

hashtagKey Points

Compliance Mapping Table

Key Points