Skip to content
CogniSec
العربية
Compliance

Know your compliance gaps in 2 minutes.

Whether you answer to the NCA, SAMA, CITRA, the EU's NIS2/DORA, or need ISO 27001 — run a free gap check, get an instant readiness score, and close the gaps with our advisors and the CortexGuard platform.

Free multi-framework gap checker

Answer 8 quick questions for an instant readiness score and your priority gaps. ~2 minutes, no sign-up.

1. Do you have approved security policies and clear ownership of cyber risk?

2. How do you identify and treat information-security risks?

3. How are identity and access managed?

4. Do you maintain an inventory of assets and data?

5. How is sensitive/personal data protected?

6. What monitoring and detection do you have?

7. How prepared are you for a security incident?

8. How do you manage supplier/third-party risk?

0/8 answered

Need policies too? Generate a free policy pack →

By region

Regulation, by where you operate

Operating in a specific country? See our compliance services by location.

Compliance by country (Kuwait · Qatar · Saudi · UAE) →

GCC

NCA ECC · SAMA · CITRA · regional data protection

Explore

European Union

NIS2 · DORA

Explore
By framework

Pick your framework

Global

ISO 27001

The international standard for information security management systems (ISMS). Certification proves to customers and regulators that you manage security risk systematically.

ISO 27001 gap check
GCC

NCA ECC

Saudi Arabia’s mandatory baseline cybersecurity controls for government bodies and critical national infrastructure, with sector extensions (CSCC, OTCC, CCC).

NCA ECC gap check
GCC

SAMA CSF

The mandatory cybersecurity framework for financial institutions regulated by the Saudi Central Bank, covering governance, risk, operations and third parties.

SAMA CSF gap check
GCC

CITRA

Kuwait’s national cybersecurity framework and data-protection requirements, setting baseline controls for regulated and government entities.

CITRA gap check
EU

NIS2

The EU’s expanded cybersecurity directive imposing risk-management, incident-reporting and governance obligations on essential and important entities across many sectors.

NIS2 gap check
EU

DORA

EU regulation making financial entities prove they can withstand, respond to and recover from ICT disruptions — covering ICT risk, incident reporting, resilience testing and third-party risk.

DORA gap check

Ready to strengthen your security posture?

Book a confidential consultation with our advisors. We'll assess where you are and map a clear path to where you need to be.

Book a Consultation Explore Services