Compliance audits, run as guided workflows.

Frameworks

Frameworks supported today.

ISO 27001

Information security management. Annex A controls, statement of applicability, internal audit and management review.

ISO 9001

Quality management system. Clause-based assessment and corrective actions.

GDPR DPIA

Article 35 data protection impact assessment. Questionnaire, evidence and risk-tagged report.

PCI DSS

Self-assessment questionnaire scoping, control tracking and QSA handoff.

How it works

Three steps for every workflow.

01

Sign in and pick a framework. Each one opens as its own workflow with the controls or questions already loaded.

02

Answer, attach evidence, assign owners. Notes and files live next to the question they belong to.

03

Export a structured report. Compliance status, gaps and supporting evidence stay accessible in the workspace afterwards.

Who runs them

Self-serve or guided by a consultant.

Every workflow can be run by your own team, or jointly with an independent consultant who works inside the same workspace. The consultants page lists the directory.

Self-serve

Your team runs the workflow end to end inside the platform. No external party required.

Guided

Bring in a consultant from the directory. They review the same workflow alongside your team; their fee is added to the platform fee and prorated by the day.

Pricing

Metered per workflow, prorated by the day.

There is no annual contract and no per-seat fee. Each workflow has its own active and passive rate. You see the exact daily number inside the product before any assessment is launched.

Free to start

The first assessment on your first workflow is free for the first month. No card required.

Per-workflow meter

Each workflow has its own active and passive rate. Active while you work; passive when the assessment ships and the record stays live.

Prorated daily

Charges are computed by the day. Cancel any time; the meter stops on the cancel date.