Essential GRC
Your compliance starting point.
- Gap assessment against ISO 27001
- Foundational policy development
- Clear picture of where you stand and what's required
GRC built on the standards that matter
ISO 27001 and ISO 42001 compliance, without the guesswork. Structured frameworks, AI-assisted analysis, and clear paths to certification — for organisations that take information security and AI governance seriously.
No long-term commitment. Transparent pricing. Built by practitioners.
GRC App — coming soon
Choose the level that fits where you are
Whether you're starting from scratch or maturing an existing programme, there's a tier for your stage.
Standard
Structure and visibility across your programme.
- Everything in Essential
- Structured risk management and control ownership
- Evidence tracking to keep your programme audit-ready
Plus
Full implementation support with AI assistance.
- Everything in Standard
- AI-assisted gap analysis and policy generation
- Continuous compliance monitoring
Comprehensive
ISO 27001 and ISO 42001, end to end.
- Everything in Plus
- Full ISO 42001 AI management system implementation
- For organisations managing information security and AI governance together
Compliance that works the way your business works
Practical GRC support grounded in ISO standards — whether you're preparing for certification, responding to a client requirement, or building a long-term security programme.
Grounded in the actual standards
Every recommendation, control, and policy traces directly back to ISO 27001:2022 or ISO 42001:2023. No generic frameworks, no guesswork.
AI-powered analysis
Built-in AI assistance for gap analysis, risk narrative generation, and policy drafting — referenced against the ISO source documents, not general knowledge.
Built for practitioners
Designed by an ISO 27001 implementer with hands-on experience across policy writing, risk management, and security governance in regulated environments.