Cloud Software

A flexible and versatile powerful cloud software service with easy to use functionality whether you are new to information security management, an improver or seasoned expert

Explore features below

Policy Creation, Management & Governance

Manage your ISMS requirements, policies and controls in one place

  • Get a head start with pre-built regulation, certification, and standards frameworks to meet GDPR, ISO 27001:2013, ISO 9001:2015, NIST Cyber Security, NIS Regulations, DSP Toolkit, Cyber Essentials, PCI:DSS, PSN CoCo, Cloud Security Principles and more
  • Easily input information – create policies, controls, and other information quickly
  • See progress and completion of your ISMS at all times
  • Work well with your team using built-in collaboration features, visible audit trails with version control management and updates throughout
  • Follow an efficient approval process to demonstrate independent evaluation, and set automated policy reminders and alerts for review

Let’s get more in-depth with ISMS Policy Management…

Information Asset Inventory
  • Meet ISO 27001 requirements for your asset inventory quickly and easily and without complicated spreadsheetsinformation asset inventory for iso27001
  • Bring your inventory to life by connecting it up to risks, controls, and supply chain, and take other actions that demonstrate your assets are well protected
  • Also, deliver GDPR requirements for a personal data inventory and show how it all joins up with your broader security protocols

See how to manage your assets without complex spreadsheets…

Risk Management & Other Decision Support Tools

Identify then address risks, follow applicable legislation and address interested parties using dynamic, visual, collaborative tools

  • Effectively manage Information Security Risks, Applicable Legislation, and Interested Parties
  • Save weeks of work using our comprehensive risk bank pre-mapped to suggested ISO 27001:2013/17 Annex A controls
  • Dynamically link to your Information Asset Inventory, and wider ISMS
  • Quickly and easily add your own risks, applicable legislation, and interested parties
  • Assign and set review dates
  • Treat risks, capture evidence, and retain a full audit trail
  • Work dynamically alone or online in teams

Discover how you can assess and manage risk with…

Statement of Applicability for ISO 27001

Make light-work of what is commonly considered a time-consuming and cumbersome task when managing in spreadsheets.

  • Dynamically populate your Statement of Applicability (SoA) from within each of your ISO 27001 Annex A Control activitiesstatement of applicability in
  • Includes standard justifications for the inclusion or exclusion of each control
  • Follow the links from identified risk and relevant controls, through to the control policy itself and then to the SoA (and in reverse so that your auditor can see the risks associated with the included control too!)
  • Dynamically controlled to easily remain in sync with your controls as they are reviewed for inclusion/exclusion
  • Share with auditors, or customers, by simply adding them as a controlled user to your online ISMS or export to physical report.

Discover just how simple and time-saving our dynamic SoA is…

Audits, Management Reviews and Corrective Actions

 Easily measure and demonstrate the effectiveness of your ISMS.

  • Evidence governance with practical audits & management reviews
  • graph showing improvements in the isms by issues created and resolvedMonitor objectives against KPI’s
  • Evidence non-conformities and corrective actions and identify areas for continual improvement, meeting requirement 10 of ISO 27001:2013
  • Manage through proven work processes, retaining information to create a full audit trail to save time later
  • Navigate and share easily to reduce management overhead

See how you can monitor data ideal for external audits...

Strategic Insight from Clusters & Dashboards

Bring together the visual overview you need to run your ISMS effectively

Make light of your management reviews and committee meetings to demonstrate you
are in control of your ISMS and can be trusted with ISMS Management Dashboardvaluable information. Using Clusters you can pull together any initiatives and report around them, and with each initiative area having its own automated reporting and statistics it means no more excel, powerpoint or wasting time on reporting performance or chasing on progress.

Discover how greater visibility drives better performance management…

Incident Management

Whether working towards ISO 27001 or managing GDPR compliance, you will need to demonstrate effective security incident management.

  • Evidence an end-to-end management of incidents & track events and weaknesses, following our proven work processesincident management tracking for gdpr and iso 27001
  • Filter reporting by customisable settings that include notification to regulators and victims in line with EU GDPR
  • Manage and drive performance improvements using incident stats
  • Handle business continuity & disaster recovery planning

Discover how the software can smooth your incident management actions…

Human Resource Security

Manage information security within HR through pre-built frameworks that save you time and effort during repeatable processes

initiatives page in isms online

  • Complete screening and recruitment, inductions, in-life compliance, training, exit and change
  • Collaborate using easy to administer teams
  • Group HR initiatives together using our simple ‘Cluster’ functionality that makes access, navigation and analysis fast and effective


Discover how to improve your HR security processes…

Staff Communication, Training & Awareness

Improving your staff communications and awareness is a fundamental part for strong information security in your organisation.

updates fields including tasks and discussions

  • Collaborate in groups
  • Set tasks for specific compliance work
  • Improve learning and development
  • Elevate employee engagement
  • Link to policies & controls
  • Demonstrate engagement for impact assessments and consultations


See how the cloud software can improve your staff information security awareness…

Staff & Supplier Compliance 'Policy Packs' *

Ever wanted to pull together a specific set of policies and control guides for a target audience, see if they have read them and confirmed their compliance? Now you can do that easily with Compliance Policy Packs.

ISO 27001 Policy Pack for staff |

  • Create as many unique groups as you need and select the policies relevant to that audience, reducing the chance of ‘policy overload’ for your staff and increasing the chance they will be effective for your organisation
  • Include their policies for ISO 27001, ISO 9001, GDPR and any other project you are managing in
  • Send an email link to the audience in that group – they get a Policy Pack with a great ‘Kindle’ like reading experience and can mark each policy as read
  • You can monitor they have read and accepted their compliance task

Now you have one simple and secure place to create, manage and share your policies and capture all the evidence your auditors or regulators need to demonstrate your organisation is serious about information security.

Discover how simple it is to get all your staff visibly compliant…

Supply Chain Management for Information Security*

Satisfy the requirements of GDPR, and Section 15 of ISO 27001, to manage supply chain relationships:


  • Manage supplier contracts and contacts, and capture the GDPR requirement to hold DPO’s for all relevant suppliers
  • Create simple links from your disaster recovery plan for speedy retrieval from an independent and ‘always-on’ cloud solution
  • Link accounts to associated risks for ongoing management, fast analysis and improved decision-making
  • Monitor and review supplier services & changes to services, setting KPI’s and capturing evidence with a clear and full audit trail
  • Capture contacts interest and satisfaction levels with quick and easy reporting
  • Categorise contracts by type and status and record power and interest levels for powerful management overview and action
  • It’s simple to create a cluster of supply chain partners to make it easy and fast to navigate and share information…you can even set up supply chain communication groups where required


Understand how simplifies supply chain management…

Privacy Impact Assessments & Project Management for Information Security

Following ISO 27001?  You will need to address information security within project management, as required by 6.1.5 of the standard. To meet regulations like GDPR, you will need to demonstrate your approach to Privacy Impact Assessments.

privacy impact management

  • Use prebuilt accredited templates or build your own repeatable frameworks with security considerations at its core
  • It’s fast and simple to create additional standard or compliance frameworks, cutting down on the duplication across them
  • Complete project work, collaborating with colleagues with assigning, tasking, due dates, discussion areas and a place to evidence workings
  • Set KPI’s and measure performance
GDPR Frameworks & Tools*

In addition to the core ISMS, you will be able to achieve the following:

  • Follow the full GDPR regulation as a project framework and capture your evidence, policies and workings to demonstrate compliance
  • For SME’s, follow the UK Information Commissioners Office (ICO) approved self-assessment framework and capture your evidence, policies, and workings to demonstrate compliance
  • Easily collaborate with teams, assigning tasks and due dates to ensure you meet timelines
  • Simply record the data you hold, and categorise your processing activities, using our integrated Personal Data Inventory & Records Processing Tracker
  • Follow a work process for tracking Subject Access Requests, assigning and setting due dates and reminders to ensure deadlines are met
  • Use our relationship management accounts area to record DPO’s of outsourced partners, as required by GDPR
  • Manage incidents and risks using ISO 27001 certified tools and policies
  • Conduct Privacy Impact Assessments and evidence findings.

Read more about how can help you achieve GDPR compliance…

Integrated Virtual Coach and Assured Results Method (ARM)*

Integrated within the platform, is the knowledge and documentation that you need for success. Alongside this, there are two additional resources to help you achieve even more for less, and keep you on the right path. These are the Virtual Coach and Assured Results Method – ARM.

Features of the Virtual Coach include:

  • 24/7 online availability
  • Practical guidance for how to meet each of the ISO 27001 core requirements and Annex A controls
  • Quickly and easily achieve a certifiable ISMS
  • Videos, templates, checklists and guides for planning the implementation, meeting the core requirements of ISO 27001:2013/17 and all the Annex A controls

In addition to Virtual Coach, the Assured Results Method (ARM) is a proven path to success for your ISO 27001 implementation activity. When using it alongside Virtual Coach, ARM gives you a better starting point, as it uses a hybrid approach so to be the most efficient and effective way to achieve your certification.

*Optional features and packages

“We’ve made more ISO 27001 progress in the last 2 weeks using than we have in the past year. We looked at a few other solutions and none came anywhere near to delivering the pragmatic processes needed for the complete ISMS.”

Workforce Development Trust

See in action

Software Name: Software Description: is an information security management system software that helps businesses achieve standards of quality, cyber security and data protection compliance. Software Image: Author: Review Date:
ISMS Online Rating: 5 out of 5
Share This