500+ Templates | 1,800+ Assessment Questions

Compliance Standards

Nineteen international frameworks. One unified platform for complete compliance coverage.

19 Standards | 500+ Templates | 1,800+ Assessment Questions | 170+ Training Modules | IMS Ready

Comprehensive Compliance Coverage

Nineteen International Standards

One platform. Nineteen frameworks. Complete governance. From information security to business continuity, from AI governance to UK certifications, GRCxAI provides unified compliance management across the standards that matter most to your organisation.

30 templates | 150 questions

ISO 27001:2022

Information Security Management System (ISMS)

The global gold standard for information security. Covers 4 domains: Organizational Controls (37), People Controls (8), Physical Controls (14), and Technological Controls (34).

32 templates | 160 questions

ISO 42001:2023

AI Management System (AIMS)

The world's first international AI governance standard. Covers AI risk assessment, data governance, model lifecycle management, bias & fairness, and continuous monitoring.

40 templates | 47 questions

ISO 22301:2019

Business Continuity Management System (BCMS)

Ensure your organisation can continue operating through disruptions, disasters, and crises with systematic preparation and response capabilities. Includes BIA wizard, recovery strategy planning, and crisis communication templates.

35 templates | 40 questions

ISO 31000:2018

Risk Management

The foundational standard for enterprise risk management applicable to any organisation, sector, or risk type. Establish a consistent, organisation-wide approach to identifying, analysing, evaluating, and treating risks.

42 templates | 48 questions

ISO 37001:2016

Anti-Bribery Management System (ABMS)

The global benchmark for anti-bribery management. Demonstrate your commitment to ethical business practices with robust controls against bribery, corruption, and financial crime.

40 templates | 45 questions

ISO 37301:2021

Compliance Management System (CMS)

Build a culture of compliance that goes beyond meeting minimum requirements to creating genuine organisational integrity and stakeholder trust.

48 templates | 121 questions ⭐

ISO 45001:2018

Occupational Health & Safety

The world's most widely adopted OH&S standard. Create safer workplaces, reduce incidents, and demonstrate your commitment to worker wellbeing. Our most comprehensive pack with 48 templates including hazard identification, JSA, permits to work, and psychosocial hazard management.

30 templates | 150 questions

GDPR

General Data Protection Regulation

The EU's comprehensive privacy framework. All 11 chapters and 99 articles covered including data subject rights, lawful basis, breach notification, and DPIAs.

40 templates | 205 questions

SOC 2 Type II

Trust Service Criteria

The de facto standard for service organizations. Covers Security (required), Availability, Processing Integrity, Confidentiality, and Privacy principles.

33 templates | 170 questions

PCI DSS 4.0.1

Payment Card Industry Data Security Standard

Protect cardholder data with the latest requirements. 12 requirements covering network security, encryption, access control, and security management.

34 templates | 162 questions

NIST CSF 2.0

Cybersecurity Framework Version 2.0

The six-function approach: Govern (new in 2.0), Identify, Protect, Detect, Respond, and Recover. Enhanced supply chain and implementation guidance.

35 templates | 45 questions

ISO 27017:2015

Cloud Security Controls

International standard providing guidelines for information security controls applicable to cloud service provision and use. Covers shared responsibility, multi-tenancy, data isolation, and virtual machine security.

38 templates | 50 questions

ISO 27018:2019

Cloud Privacy Protection

Controls for protecting personally identifiable information (PII) in public cloud computing environments. Extends ISO 27001/27002 with privacy-specific requirements for cloud service providers acting as PII processors.

50 templates | 65 questions

ISO 27701:2019

Privacy Information Management System (PIMS)

Extension to ISO 27001/27002 supporting GDPR compliance. Covers requirements for both PII controllers and processors including data subject rights, consent management, and privacy by design.

25 templates | 35 questions

Cyber Essentials 2023

UK Government Cyber Certification

UK Government-backed certification scheme protecting against common cyber attacks through five technical controls: firewalls, secure configuration, user access control, malware protection, and security updates.

30 templates | 40 questions

Cyber Essentials Plus 2023

Enhanced UK Cyber Certification

Builds upon Cyber Essentials with independent technical verification including vulnerability scanning, configuration review, and simulated phishing tests by an authorised assessor.

45 templates | 55 questions

IASME Cyber Assurance 2023

UK Governance-Based Cyber Security

Incorporates Cyber Essentials Plus with additional controls covering risk management, incident response, business continuity, and security awareness. A stepping stone towards ISO 27001 for UK organisations.

35 templates | 45 questions

IASME DCC 2023

Data Compliance Certification

UK data protection certification demonstrating GDPR compliance for SMEs. Covers lawful basis, privacy notices, data subject rights, breach notification, and Records of Processing Activities (ROPA).

40 templates | 50 questions

IASME MSP 2024

Managed Service Provider Assurance

Specialist certification for MSPs and IT support companies. Addresses unique security challenges of managing multiple client environments including privileged access management, multi-tenant security, and supply chain security.

UK Corporate Governance Code | Effective Jan 2026

Provision 29 — Principal Risks & Uncertainties

Beyond our 19 compliance standards, GRCxAI includes a purpose-built module for Provision 29 of the UK Corporate Governance Code. Designed for UK-listed companies, it provides a structured approach to identifying, assessing, and reporting on principal risks and uncertainties.

Principal Risk Register
Board Oversight Tracking
Control Effectiveness Testing
Operational Risk Linkage
AI Annual Report Generation
KRI Monitoring & Alerts
Immutable Audit Trail
Viability Statement Support

Get Started

Ready to Achieve Compliance?

Start managing all 19 standards from a single, unified platform.

Contact Sales: info@aibizzapps.com