European Excellence
Built for European Cyber Governance

European Cyber
Governance Framework

🇪🇺 Made in Europe • Leading European Cybersecurity

The unified European framework for demonstrating cybersecurity compliance across EU and UK regulations

Built on European sovereignty. Trusted by European organisations. Designed for European regulatory requirements.

Explore Control Framework View on GitHub →
80
Total Controls
18
Control Domains
7+
Frameworks Mapped
100%
European Origin

The European Compliance Challenge

European organisations face a complex web of overlapping cybersecurity and data protection requirements.

Current State

  • Multiple overlapping regulations (NIS2, DORA, GDPR, CRA, UK CAF)
  • Dependency on non-European frameworks
  • Costly duplicate compliance efforts
  • Fragmented control implementations
  • Lack of unified, defensible European control set

ECGF Solution

  • Unified control catalogue for all major EU/UK frameworks
  • 100% European sovereignty — no external dependencies
  • Implement once, demonstrate compliance everywhere
  • Fully traceable to European legislation
  • Defensible, auditable, and transparent governance

Built on European Principles

ECGF embodies European values of transparency, sovereignty, and democratic governance.

🇪🇺

European Sovereignty

Rooted in European legislation and standards. No dependency on non-European frameworks or governance structures.

🔍

Full Traceability

Every control traces back to authoritative European sources with documented rationale and legal basis.

⚖️

Defensible Governance

Methodology, decisions, and changes are documented, auditable, and defensible in regulatory reviews.

📖

Open & Transparent

Governance model, review cycles, and change logs are publicly visible and community-reviewed.

🔗

Interoperable by Design

Maps to international standards (ISO 27001, NIST) without depending on them as primary sources.

🤝

Community Driven

Open-source, freely available, and accessible to all European organisations regardless of size.

Comprehensive EU/UK Coverage

ECGF provides unified coverage across major European and UK cybersecurity frameworks.

NIS2 Directive

EU

Network and Information Security Directive (EU 2022/2555)

Primary European cybersecurity regulation

DORA

EU

Digital Operational Resilience Act

Financial sector cyber resilience

GDPR

EU

General Data Protection Regulation

Data protection security requirements

Cyber Resilience Act

EU

Product Security Requirements

Digital product cybersecurity

UK NCSC CAF

UK

Cyber Assessment Framework

UK critical infrastructure

ISO 27001:2022

Global

Information Security Management

Mapped for interoperability
View All Framework Mappings →

Join the European Cyber Governance Movement

ECGF is in active development. We're building this in the open — contribute, provide feedback, or follow progress.

Contribute on GitHub Learn More →

Maintained by Compliance Genie • Built with European values • Open source forever