When you upload evidence against a SOC 2 control, Verisq automatically credits the mapped ISO 27001, NIST CSF, and HITRUST controls. The mapping registry is maintained per control — collect once, satisfy many.
Per-control mapping table maintained across SOC 2, ISO 27001, NIST CSF, HITRUST, GDPR, HIPAA, PCI DSS, CMMC, CIS Controls, SIG, and CAIQ.
Evidence uploaded against a source control auto-credits mapped controls. Reviewer can decline propagation per case.
Per-evidence reuse count — see which evidence pieces are doing the most work across your frameworks.
Every propagation event recorded with timestamp, source control, target control, and reviewer decision.
Verisq's Cross-Framework Propagation is part of the Trust Operations Platform — one data model, one audit trail, one auditor seat.