Governance > Regulatory mapping

Regulatory Mapping Execution Control Meets Compliance

TrigGuard enforces authorization before irreversible execution. This page maps our controls and evidence to major regulations and frameworks across the UK and EU.

Deterministic control

Permit / deny / silence decisions before execution.

Verifiable evidence

Signed receipts with offline verifiability and audit trails.

Privacy by design

Data minimization, encryption, and no cross-site tracking.

Framework aligned

Mapped to UK, EU, and global regulatory requirements.

Supported Frameworks

We actively map our controls and evidence to the following regulations and standards.

Framework	Focus	Mapping
EU AI ACT	High-risk AI systems obligations, risk management, governance, transparency, and logging.	View mapping ->
UK GDPR	Lawful processing, data minimization, security, and accountability for AI operations.	View mapping ->
DORA	Operational resilience, ICT risk controls, incident reporting, and third-party risk governance.	View mapping ->
NIS2	Cybersecurity risk management, supply chain safeguards, and incident notification discipline.	View mapping ->
ISO/IEC 27001	Information security management system controls and evidence management.	View mapping ->
SOC 2	Security, availability, processing integrity, confidentiality, and privacy criteria.	View mapping ->
SR 11-7	Model risk management expectations for financial institutions.	View mapping ->
PRA SS1/23	Operational resilience policy statement for banks and insurers.	View mapping ->

Control Mapping Overview

TrigGuard controls map to regulatory requirements across five key domains.

Domain	What TrigGuard Provides	Key Outcomes	Frameworks Impacted
Governance & Oversight	Policy lifecycle, role-based access, change control.	Accountability and documented governance.	AI Act, GDPR, ISO 27001, SOC 2, DORA, NIS2
Risk Management	Pre-execution authorization, risk classification, fail-closed defaults.	Risk reduction and deterministic control.	AI Act, DORA, NIS2, SR 11-7, ISO 27001
Execution Controls	Permit / deny / silence decisions before irreversible actions.	Prevent unauthorized or risky execution.	AI Act, DORA, NIS2, SOC 2, SR 11-7
Evidence & Audit	Signed receipts, immutable logs, offline verifiability.	Audit-ready evidence and non-repudiation.	AI Act, GDPR, DORA, NIS2, SOC 2, ISO 27001
Privacy & Security	Data minimization, encryption, key management.	Confidentiality, integrity, privacy compliance.	GDPR, ISO 27001, SOC 2, DORA, NIS2

View full control catalogue ->

Regulation Deep Dives

Detailed mappings and guidance for each regulation.

EU AI Act ->UK GDPR ->DORA ->NIS2 ->SR 11-7 ->PRA SS1/23 ->ISO/IEC 27001 ->SOC 2 ->

This mapping is for informational purposes and reflects current regulatory guidance as of May 2026. Regulations evolve; contact us for latest updates and custom assessments.

Need the full compliance pack?

Get the latest regulatory mapping pack, control catalogue, and evidence templates for your audit and vendor reviews.

Request enterprise pack ->

Email: sales@trigguardai.com

Evidence & Artifacts

Signed execution receipts
Policy version history
Decision logs and audit trails
Control mapping matrix
Model risk documentation templates

Assurance & Certifications

ISO/IEC 27001 aligned controls
SOC 2 Type II readiness
Encryption in transit and at rest
No third-party advertising or tracking

Download Compliance Pack

Complete regulatory mapping pack with control matrix and evidence templates.

Request pack ->