# dora-nis2-crosswalk-mcp
# Purpose: DORA × NIS2 crosswalk for entities in scope for BOTH regimes (banks, insurers, payment institutions, CTPPs).
# Context: ~65% of DORA Art 5-30 obligations overlap with NIS2 Art 21-23. This MCP maps the overlap so you don't audit twice.

## Install
```bash
pip install dora-nis2-crosswalk-mcp
```

## Auth & Rate Limits
- Free tier: 10 calls/day. No API key required.
- Pro tier (£79/mo): unlimited + signed attestations. https://buy.stripe.com/14A4gB3K4eUWgYR56o8k836
- Enterprise (£1,499/mo): white-label + on-premise. hello@meok.ai
- All tools accept optional `api_key` parameter.

## Tools (4)

### `list_overlapping_obligations((none))`
Return the full DORA → NIS2 crosswalk table with shared evidence + regime-specific

### `compare_reporting_clocks((none))`
Show side-by-side DORA vs NIS2 incident-reporting clocks.

### `check_dual_compliance(entity_name: str, controls_csv: str)`
Score dual DORA + NIS2 compliance given a comma-separated list of current controls.

### `sign_dual_compliance_attestation(entity_name: str, overall_score: float, findings_csv: str = "", include_pdf_base64: bool = False)`
Generate a cryptographically signed DORA × NIS2 dual-compliance attestation (Pro+).

## Pairs with
- `meok-attestation-verify` — public verification of signed certs
- `meok-attestation-api` (https://meok-attestation-api.vercel.app) — HMAC signing endpoint
- Other MEOK governance MCPs via `mcp_bridge_call`

## Maintainer
MEOK AI Labs · hello@meok.ai · https://meok.ai · MIT licensed