IWH Original Series

Article Series

Compliance Architect

Practical implementation guides for ISO 27001:2022, NIS2, DORA, and GDPR. Not regulatory summaries — real-world compliance strategies for organisations navigating 2025-2026's converging deadlines.

8 Articles · 2 Sections

Section I

Framework & Standards

01

The Compliance Convergence: Why 2025–2026 Is the Year Everything Overlaps

NIS2, DORA, and ISO 27001:2022 deadlines land within 12 months. Here's how to treat them as one project, not three.

02

ISO 27001:2022 Transition Survival Guide

October 2025 deadline approaching. What actually changed, how to migrate your ISMS, and what auditors expect to see.

03

NIS2 Implementation for Greek Organizations

Greece received a Commission warning for late transposition. What this means for essential and important entities.

04

DORA Beyond Banks: Why ICT Providers and Supply Chains Are in Scope

You don't have to be a bank to fall under DORA. ICT providers, cloud vendors, and their supply chains face new obligations.


Section II

Implementation & Operations

05

The Unified Control Matrix: Mapping ISO 27001, NIS2, DORA, and GDPR

60% of requirements overlap. Stop implementing the same control four times. Build once, document four times.

06

Compliance Automation That Actually Works

Beyond the sales pitch. What you can realistically automate in evidence collection and continuous monitoring.

07

What Auditors Actually Look For

From both sides of the audit table. It's not about perfect documentation — it's about evidence that controls work.

08

Compliance-First Architecture: Building Systems Compliant by Design

The cheapest time to build compliance is at design time. Architectural patterns for compliance by design.

