Evidence

⌘K

Evidence Vault

Centralized evidence for audits, questionnaires and regulatory controls.

0
Total Evidence

documents collected

+6%
0%
Auto-collected

via integrations

0
Gaps Remaining

evidence gaps to fill

0
Expiring Soon

items need renewal

Evidence Coverage by Regulation

Evidence mapped to regulatory requirements

Avg: 74.3%
NIS2
85%
34/40 controls covered · 6 evidence gaps
DORA
76%
28/37 controls covered · 9 evidence gaps
AI Act
62%
16/26 controls covered · 10 evidence gaps
ISO 27001
91%
42/46 controls covered · 4 evidence gaps

Drag & drop files here

or click to browse · PDF, DOCX, PNG, CSV, JSON up to 25 MB

Evidence Library

Name Type Regulation Linked Control Last Updated Status Actions
AWS CloudTrail Logs Log NIS2 Art. 21 — Logging Mar 7, 2026 Verified
Penetration Test Report Q1 Report ISO 27001 A.12.6 — Vulnerability mgmt Mar 5, 2026 Verified
Employee Security Training Cert Certificate NIS2 Art. 21 — Awareness training Mar 4, 2026 Verified
Access Review Spreadsheet Spreadsheet DORA Art. 6 — ICT access control Mar 2, 2026 Expiring
Encryption Policy v3.2 Policy ISO 27001 A.10.1 — Cryptographic controls Feb 28, 2026 Verified
Firewall Config Backup Config DORA Art. 11 — Network security Feb 25, 2026 Expiring
AI Risk Assessment Report Report AI Act Art. 9 — Risk management Mar 10, 2026 Verified
FRIA Documentation v2.1 Procedure AI Act Art. 14 — Human oversight Mar 12, 2026 Verified

AI Suggestions

Beta

MFA Configuration Proof

Collect screenshot of MFA enforcement settings from your IdP. Required for NIS2 Art. 21 access control obligations.

NIS2 High priority

Data Processing Agreement

Upload signed ICT third-party service agreement with cloud providers. Required for DORA Art. 28 third-party monitoring.

DORA Medium priority

Vulnerability Scan Results

AI risk classification report is outdated. Upload fresh FRIA assessment to maintain AI Act Art. 9 compliance.

AI Act Overdue