This repository is not a certification statement. It is an implementation aid that can support control objectives and audit evidence.
- ISO/IEC 27001: access control, secure operations, logging, supplier management and change control
- BAIT: role separation, controlled changes, documentation, operations and service-provider governance
- DORA: resilience-oriented operations, testing, incident preparedness and dependency management
- TISAX: information security maturity, controlled access and traceable processes for partner ecosystems
- NIS2 / cyber hygiene themes: risk-aware operations, logging, recovery preparation and incident response readiness
- reusable examples that reduce ad-hoc operations
- documentation structure that supports reviewability
- architectural context for peer review and handover
- starter artefacts for evidence and operational discipline