eosl.ai
Standards alignment

How EOSL.ai supports asset-lifecycle & unsupported-component controls

EOSL.ai is a source-linked hardware end-of-service-life (EOSL) database built to support asset inventory, lifecycle review, and unsupported-component decisions. This page maps what it provides to the controls that security and audit frameworks describe — with a citable vendor source behind every date.

CIS Control 1 AlignedNIST SA-22 Unsupported-Component ReviewSource-Linked EOSL EvidenceLifecycle Exposure ScoringPart-Number-Level CoverageMarkdown & JSON Export
What this is — and isn't. EOSL.ai is not certified by, endorsed by, or formally compliant with any framework below, and it does not certify your environment. It is a reference that maps hardware EOSL facts to the asset-inventory and unsupported-component controls these frameworks describe, so you can document lifecycle decisions with a source. Where a control needs saved inventory, monitoring or alerting, that is Stack Monitor, which is in development.

Control mapping matrix

FrameworkHow EOSL.ai supports the workflowEvidence you can produce
CIS Controls v8Control 1 — Inventory & Control of Enterprise AssetsLook up any enterprise asset by part number and record its vendor support status; bulk-check a whole inventory in one pass.A dated asset-lifecycle list showing each part's support status and its source bulletin.
NIST SP 800-53 Rev. 5SA-22 — Unsupported System ComponentsIdentify which components are past vendor end-of-service-life, with the vendor bulletin as the authority for each date.An unsupported-component review with EOSL date, source URL and last-verified date per part.
NIST CSF 2.0ID.AM / PR.PS — asset & platform lifecycle managementTrack where each asset sits on its lifecycle clock and its Action Priority — Immediate, Soon, Plan or Monitor.A lifecycle-status export ranking assets by end-of-service exposure.
ISO/IEC 27001:2022A.5.9 / A.8.9 — inventory & configuration of assetsMaintain a source-linked record of hardware support status to inform asset and configuration reviews.Asset-review notes citing the vendor end-of-life bulletin behind each date.
SOC 2Availability / change-management supportSurface end-of-life risk that feeds availability and change planning; saved monitoring is Stack Monitor (in development).Records showing when a part's support status was last verified, and its source.

What each framework cares about

CIS Control 1 — Enterprise Asset Inventory

Know and control the hardware you run. EOSL.ai supplies the vendor support status and lifecycle dates for each tracked part, source-linked — the lifecycle layer of an asset inventory.

NIST SP 800-53 SA-22 — Unsupported Components

Find and manage components the vendor no longer supports. EOSL.ai flags hardware past end-of-service-life with the vendor bulletin cited, so an unsupported-component review is documented, not guessed.

NIST CSF 2.0 — Asset & Platform Lifecycle

Manage assets across their lifecycle. EOSL.ai grades each family by Action Priority — Immediate, Soon, Plan or Monitor — so exposure is ranked, not just listed.

ISO/IEC 27001:2022 — Asset Management

Maintain and review an asset inventory. EOSL.ai is a source-linked record of hardware support status you can cite in asset and configuration reviews.

SOC 2 — Availability & Change

End-of-life hardware is an availability and change-planning risk. EOSL.ai surfaces that risk with a verifiable date and source; saved monitoring is planned in Stack Monitor.

What EOSL.ai does not do

It does not certify, attest, or assess your environment, and it is not a GRC platform. It provides the source-linked lifecycle facts those processes reference.

Standards & compliance questions

Is EOSL.ai certified, compliant with, or endorsed by these frameworks?

No. EOSL.ai is not certified by, endorsed by, or formally compliant with CIS, NIST, ISO or AICPA, and it does not certify your environment. It is a source-linked reference that maps hardware end-of-service-life facts to the asset-inventory and unsupported-component controls these frameworks describe, so you can document lifecycle decisions with a citable source.

How does EOSL.ai support CIS Control 1?

CIS Control 1 is about knowing and controlling the enterprise assets you run. EOSL.ai lets you look up any tracked part number — or bulk-check a whole inventory — and see each asset's vendor support status with a link to the source bulletin, which supports the inventory and lifecycle side of that control.

What is NIST SP 800-53 SA-22 and how does EOSL.ai help?

SA-22 (Unsupported System Components) asks organizations to identify and manage components that are no longer supported by the vendor. EOSL.ai identifies hardware that is past its vendor end-of-service-life date, with the vendor's own end-of-life bulletin cited for each date, so you can document an unsupported-component review.

Can I use EOSL.ai as audit evidence?

EOSL.ai gives you the underlying facts — the end-of-sale and end-of-service-life dates, the source bulletin URL, and the last-verified date for each part — which you can attach to an asset review. It does not replace an auditor's judgment or a formal control assessment; it provides the source-linked evidence those assessments reference.

Does EOSL.ai replace a compliance or GRC tool?

No. EOSL.ai is a hardware lifecycle data source, not a GRC platform. It answers one question with a citation — is this hardware still supported by the vendor — which feeds the asset-inventory and unsupported-component parts of the frameworks above. Saved inventories, monitoring and alerts are planned in Stack Monitor.

Check your hardware →See unsupported hardware →