TheArtOfService
Cross-Framework Mapping

ISO/IEC 29147:2018vsFrench Sapin II Law (Law No. 2016-1691)

See exactly how ISO/IEC 29147:2018 controls map to French Sapin II Law (Law No. 2016-1691). Pre-computed mappings, identified gaps, and coverage analysis.

10
Controls Mapped
30
Gaps Found
12%
Coverage

According to the TheArtOfService Compliance Knowledge Graph:

ISO/IEC 29147:2018 maps to French Sapin II Law (Law No. 2016-1691) with 12% coverage across 7 directly mapped controls. Analysis of 40 ISO/IEC 29147:2018 controls identifies 41 compliance gaps — primarily concentrated in Clause 6: Receiving Vulnerability Reports.

Source: TheArtOfService Knowledge Graph | 40 controls analysed | 730 frameworks | 488K+ cross-framework mappings

Control Mappings

Showing 10 of 10 mapped controls across 5 domains. Sign up to explore all 488K+ mappings across 730 frameworks.

Clause 1-4: Introduction(3 mappings)

29147-3Terms and definitions
SAPIN2-1Code of Conduct
30111-3Terms and definitions2 targets
LAOS-CC-Art22LaoCERT
SAPIN2-1Code of Conduct

Legal(2 mappings)

29147-5.11Researcher Safe Harbour and Legal Posture2 targets
SAPIN2-2Corruption Risk Assessment
SAPIN2-3Third-Party Due Diligence

Clause 5: Vulnerability Disclosure Concepts(3 mappings)

29147-5.11Researcher Safe Harbour and Legal Posture2 targets
SAPIN2-2Corruption Risk Assessment
SAPIN2-3Third-Party Due Diligence
29147-5.8Confidentiality of Reports
SAPIN2-7Disciplinary Sanctions

Information Handling(1 mappings)

29147-5.8Confidentiality of Reports
SAPIN2-7Disciplinary Sanctions

Clause 8-9: Coordination and Disclosure Policy(1 mappings)

29147-9.2Contact mechanisms and scope
SAPIN2-1Code of Conduct

Related Comparisons

Other ISO/IEC 29147:2018 comparisons

ISO/IEC 29147:2018 vs NIST AI Risk Management Framework (AI RMF 1.0)8 mappingsISO/IEC 29147:2018 vs NIST AI 600-1: Generative AI Profile8 mappingsISO/IEC 29147:2018 vs ISO/IEC 29134:20237 mappingsISO/IEC 29147:2018 vs ISO 270177 mappingsISO/IEC 29147:2018 vs South Korea ISMS-P7 mappingsISO/IEC 29147:2018 vs Singapore Government Instruction Manual on ICT&SS Management (IM8)7 mappingsISO/IEC 29147:2018 vs FTC GLBA Safeguards Rule (16 CFR Part 314)7 mappingsISO/IEC 29147:2018 vs PAS 1192-5:2015 - Security-Minded Approach to BIM and Digital Built Environments7 mappings

Other French Sapin II Law (Law No. 2016-1691) comparisons

NIS2 Directive vs French Sapin II Law (Law No. 2016-1691)6 mappingsNIST AI Risk Management Framework (AI RMF 1.0) vs French Sapin II Law (Law No. 2016-1691)5 mappingsNIST AI 600-1: Generative AI Profile vs French Sapin II Law (Law No. 2016-1691)5 mappingsFederal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) vs French Sapin II Law (Law No. 2016-1691)5 mappingsPAS 1192-5:2015 - Security-Minded Approach to BIM and Digital Built Environments vs French Sapin II Law (Law No. 2016-1691)5 mappingsNew Zealand Information Security Manual (NZISM) vs French Sapin II Law (Law No. 2016-1691)5 mappingsMARS-E - Minimum Acceptable Risk Standards for Exchanges vs French Sapin II Law (Law No. 2016-1691)5 mappingsSouth Korea Cloud Security Assurance Program (CSAP) vs French Sapin II Law (Law No. 2016-1691)5 mappings

Stop Paying Consultants to Read Spreadsheets

AI-powered compliance intelligence across 730 frameworks — at a fraction of consulting costs.

$0/forever

Free

  • 730 framework browser
  • Cross-framework mappings (488K+)
  • 824 compliance assessments
  • 3 AI queries & searches per day
Get Started Free
Recommended
$49/month

Professional

  • Unlimited AI Compliance Advisory
  • Unlimited full-text search
  • Framework self-assessment
  • PDF, Excel & CSV exports
Start 7-Day Free Trial →

Popular framework comparisons

NIST CSF vs NIST 800-53ISO 27001 vs NIST CSFCMMC vs NIST 800-53FedRAMP vs NIST 800-53NIST CSF vs SOC 2HIPAA vs NIST 800-53ISO 27001 vs SOC 2ISO 27001 vs ISO 27701

What are the key differences between ISO/IEC 29147:2018 and French Sapin II Law (Law No. 2016-1691)?

ISO/IEC 29147:2018 has 40 controls across its framework, while French Sapin II Law (Law No. 2016-1691) covers 33 controls. Direct mapping analysis identifies 7 overlapping controls (12% coverage). The frameworks diverge most significantly in Clause 6: Receiving Vulnerability Reports, where 7 ISO/IEC 29147:2018 controls have no direct French Sapin II Law (Law No. 2016-1691) equivalent.

How many controls map between ISO/IEC 29147:2018 and French Sapin II Law (Law No. 2016-1691)?

Of 40 total ISO/IEC 29147:2018 controls, 7 map directly to French Sapin II Law (Law No. 2016-1691) controls — representing 12% coverage. The remaining 41 controls represent compliance gaps requiring additional documentation or compensating controls to satisfy both frameworks simultaneously.

What are the compliance gaps when mapping ISO/IEC 29147:2018 to French Sapin II Law (Law No. 2016-1691)?

41 ISO/IEC 29147:2018 controls have no direct equivalent in French Sapin II Law (Law No. 2016-1691). The highest concentration of gaps is in Clause 6: Receiving Vulnerability Reports with 7 unmapped controls. These gaps represent areas where additional controls, policies, or documentation must be created to achieve compliance with both frameworks.

Which control domains have the most gaps between ISO/IEC 29147:2018 and French Sapin II Law (Law No. 2016-1691)?

The domain with the highest gap count is Clause 6: Receiving Vulnerability Reports (7 gaps). Export the full domain-by-domain gap breakdown via the Professional tier to generate a prioritised remediation roadmap.

Related Resources

How to Map Controls Across Frameworks|Multi-Framework Compliance Guide|Compliance Glossary

This platform provides educational compliance tools, not legal, regulatory, or professional compliance advice. Cross-framework mappings are AI-assisted interpretations and do not reproduce or replace official standards. Framework names and trademarks belong to their respective owners. Consult qualified professionals for your specific compliance requirements. See our Terms of Service.