Express Pack
Fast baseline for one requirement set
€1,200
Best when you need reviewer ready basics quickly.
Audit-first documentation
Audit-ready security and compliance documentation in days
Policy and procedure suite, mapping workbook, and evidence templates tailored to your tools and processes. Aligned to ISO 27001, SOC 2, GDPR, NIS2, NIST CSF, or CIS Controls. Delivered with implementation notes so your team can roll it out confidently.
For SaaS teams and IT leaders who need audit ready documentation fast for ISO 27001, SOC 2, GDPR, NIS2, NIST CSF, or CIS Controls.
In the box: policy and procedure suite, mapping workbook, evidence checklist, implementation notes, and a handover call.
Inspect before you buy
Download redacted artefacts and inspect structure, mapping, evidence cues, and implementation notes.
Download sample packFixed scope you can price
Each pack has a concrete artefact list and a controlled revision loop.
See pricingQuality is a system
QA checklist, mapping completeness checks, and structured delivery. Not “best effort”.
Process and QAPick the pack that matches your deadline
Fixed price, fixed artefact list, and implementation notes so your team can roll it out confidently.
Tailored Core Pack
Audit readiness under a real deadline
Most popular
€2,500
Best when an audit window, enterprise deal, or regulator deadline is on the line.
Compliance Plus Pack
Two requirement sets in one coherent system
From €5,000
Best when you need two requirement sets without duplicated work.
Enterprise Custom
Regulated or complex organisations with bespoke scope
From €10,000
Best when scope must be designed around your environment and stakeholders.
Pack finder
Not sure which pack you need?
Pick the requirement set, your deadline, and what triggered the work. We will recommend the best fit.
Choose options and click “Get a recommendation”.
What the deliverables look like
Four key artefacts from the sample bundle. Download and inspect.
Download
Policy excerpt
Redacted, audit-style structure with ownership and versioning.
Download
Control mapping workbook
How controls map to policies, evidence, and owners.
Download
Evidence checklist
Concrete evidence prompts that reduce reviewer back-and-forth.
Download
Implementation notes
Practical rollout steps, pitfalls, and evidence cues.
How delivery works in practice
A simple, repeatable flow with clear inputs and controlled revisions.
Day 0 to 1
Intake and scope confirmation. We align on framework expectations, owners, and constraints.
Days 2 to 10
Tailor policies and procedures to your tools and processes. Build mappings and evidence prompts.
Revisions + handover
Minor revisions within fixed scope, then editable docs plus reviewer-friendly PDFs.
Make it feel real
Three common scenarios, anonymised. Outcome depends on implementation and evidence capture.
Example scenario
SaaS CTO closing an enterprise deal
Situation: A prospect’s security review blocks signature. The team has controls in place, but documentation is scattered.
Delivered: Tailored Core Pack plus mapping workbook and evidence checklist. Implementation notes focus on reviewer questions and evidence cues.
Result: A coherent, reviewer-ready story that reduces back-and-forth and speeds procurement.
Example scenario
IT lead with an ISO 27001 audit window
Situation: Audit date is set. Owners and approvals exist, but policies and procedures are incomplete or inconsistent.
Delivered: ISO 27001 aligned suite with ownership fields, review cadence, and an evidence plan tied to real tools.
Result: Documentation becomes a rollout plan, not a binder. Teams know what to do next.
Example scenario
Preparing for NIS2 scope and evidence expectations
Situation: Regulatory scope is confirmed. Policies exist, but ownership and evidence expectations are unclear.
Delivered: Tailored Core Pack aligned to NIS2 oriented operational documentation plus an evidence plan tied to real tools and owners.
Result: Clear responsibilities and evidence cues that reduce risk of last minute scramble.