Module · 99 · Architecture Audit
Institutional Stress Test & Audit
Independent assurance posture: SOC 1 Type II, SOC 2 Type II, ISO 27001:2022, ISO 22301 BCMS, mapped against NIST CSF 2.0 and DORA RTS. Includes capacity stress against eight institutional load profiles and the latest red-team window.
Control coverage
91.6%
186/203 mapped
DORA TLPT
passed
Jun 2026
RTO (Tier-0)
< 15 min
multi-AZ + cold DR
RPO (Tier-0)
< 2 min
PITR + WAL stream
Open findings
1 high · 0 critical
SLA 14d
Coverage per family
NIST CSF 2.0 maturity
| Family | Framework | Covered | Total | % |
|---|---|---|---|---|
| Access control | NIST CSF 2.0 · PR.AA | 47 | 52 | 90% |
| Cryptography | ISO 27001 A.8.24 | 18 | 19 | 95% |
| Change management | SOC 2 CC8 | 22 | 24 | 92% |
| Incident response | NIST CSF · RS | 14 | 16 | 88% |
| Vendor / 3rd party | SOC 2 CC9 · DORA Art.28 | 12 | 14 | 86% |
| Business continuity | ISO 22301 | 17 | 18 | 94% |
| Logging & monitoring | PCI 10 · NIST DE.CM | 25 | 26 | 96% |
| Data protection | GDPR · PDPA SG/MY | 31 | 34 | 91% |