Enterprise-grade GRC, at SME prices.
We are finalising pricing ahead of general availability. Register your interest and we will send you the full pricing pack — including early-adopter terms — the moment it is published.
Register your interestThree things decide what you pay.
The Core platform
One subscription, priced by organisation size
- All thirteen Core services
- The Context of Organization Builder and the Applicability Certainty Model
- Third-party risk management and the audit log, bundled in
- Priced by headcount band — a twenty-person company does not pay enterprise rates
Core plus packs
Add only the domain packs you actually need
- Everything in the Core platform
- Any combination of the domain packs below
- Packs that share controls are discounted when bought together
- Cross-pack dashboards and a single risk register
Standalone pack
A single pack on a Core-light shell
- One domain pack, deployed on its own
- For teams solving one problem first
- Upgrades into the full platform without re-implementation
- Your data and configuration come with you
Organisations who register before general availability qualify for early-adopter pricing, held for the duration of the term.
Build the plan you actually need.
Packs are sector-agnostic at the Core and schema-aligned to the relevant standard. Take them integrated, or standalone on a Core-light shell.
Whistleblowing & Speak-up with triage and internal investigations, paired with Conflict of Interest — declarations feed the speak-up and investigations process.
Gifts & hospitality register with thresholds and public-official flags; full anti-bribery programme (risk assessment, intermediary due diligence) coming.
AML programme framework, transaction monitoring, SAR/STR workflow, regulator reports.
Customer and enhanced due diligence, PEP and sanctions screening, ongoing monitoring.
Supplier risk, modern-slavery screening, transparency, critical-supplier monitoring.
Vendor lifecycle, due diligence, continuous monitoring — bundled with Core. TPRM+ premium adds concentration risk, contractual safeguards and 4th-party tracking.
Materiality, GHG inventory (Scope 1/2/3), target tracking, framework disclosures.
Crypto-asset service provider readiness, crypto AML, market-abuse surveillance.
Grassroots GRC + event-ops: policies, training matrix, safeguarding, volunteer rota.
Fraud risk register, red-flag monitoring, investigations (reuses the Ethics investigations engine).
Incident response, crisis teams, tabletops, BIA, recovery strategies, RTO/RPO, dependency mapping.
Security policies, ISMS controls, vulnerability management, access reviews.
ROPA, DPIAs, data-subject requests, breach register, cross-border transfer registers.
Availability shown is live. We do not sell what we have not built.
Be first to see the pricing.
Tell us who you are and we will send the full pricing pack the moment it is published, along with early-adopter terms. No obligation, and we will not pass your details to anyone.
- Built by a team that has been involved in the development of ISO standards for over ten years.
- Governance, Risk and Compliance on one integrated platform — not a stitched-together toolset.
- Truly global — multi-entity, multi-jurisdiction, sector-agnostic.