Twenty-six international frameworks. One unified platform for complete compliance and ESG coverage.
One platform. Twenty-six frameworks. Complete governance. From information security to business continuity, from AI governance to ESG & Sustainability, plus UK certifications — GRCxAI provides unified compliance management across the standards that matter most to your organisation.
Information Security Management System (ISMS)
The global gold standard for information security. Covers 4 domains: Organizational Controls (37), People Controls (8), Physical Controls (14), and Technological Controls (34).
AI Management System (AIMS)
The world's first international AI governance standard. Covers AI risk assessment, data governance, model lifecycle management, bias & fairness, and continuous monitoring.
Business Continuity Management System (BCMS)
Ensure your organisation can continue operating through disruptions, disasters, and crises with systematic preparation and response capabilities. Includes BIA wizard, recovery strategy planning, and crisis communication templates.
Risk Management
The foundational standard for enterprise risk management applicable to any organisation, sector, or risk type. Establish a consistent, organisation-wide approach to identifying, analysing, evaluating, and treating risks.
Anti-Bribery Management System (ABMS)
The global benchmark for anti-bribery management. Demonstrate your commitment to ethical business practices with robust controls against bribery, corruption, and financial crime.
Compliance Management System (CMS)
Build a culture of compliance that goes beyond meeting minimum requirements to creating genuine organisational integrity and stakeholder trust.
Occupational Health & Safety
The world's most widely adopted OH&S standard. Create safer workplaces, reduce incidents, and demonstrate your commitment to worker wellbeing. Our most comprehensive pack with 48 templates including hazard identification, JSA, permits to work, and psychosocial hazard management.
General Data Protection Regulation
The EU's comprehensive privacy framework. All 11 chapters and 99 articles covered including data subject rights, lawful basis, breach notification, and DPIAs.
Trust Service Criteria
The de facto standard for service organizations. Covers Security (required), Availability, Processing Integrity, Confidentiality, and Privacy principles.
Payment Card Industry Data Security Standard
Protect cardholder data with the latest requirements. 12 requirements covering network security, encryption, access control, and security management.
Cybersecurity Framework Version 2.0
The six-function approach: Govern (new in 2.0), Identify, Protect, Detect, Respond, and Recover. Enhanced supply chain and implementation guidance.
Cloud Security Controls
International standard providing guidelines for information security controls applicable to cloud service provision and use. Covers shared responsibility, multi-tenancy, data isolation, and virtual machine security.
Cloud Privacy Protection
Controls for protecting personally identifiable information (PII) in public cloud computing environments. Extends ISO 27001/27002 with privacy-specific requirements for cloud service providers acting as PII processors.
Privacy Information Management System (PIMS)
Extension to ISO 27001/27002 supporting GDPR compliance. Covers requirements for both PII controllers and processors including data subject rights, consent management, and privacy by design.
UK Government Cyber Certification
UK Government-backed certification scheme protecting against common cyber attacks through five technical controls: firewalls, secure configuration, user access control, malware protection, and security updates.
Enhanced UK Cyber Certification
Builds upon Cyber Essentials with independent technical verification including vulnerability scanning, configuration review, and simulated phishing tests by an authorised assessor.
UK Governance-Based Cyber Security
Incorporates Cyber Essentials Plus with additional controls covering risk management, incident response, business continuity, and security awareness. A stepping stone towards ISO 27001 for UK organisations.
Data Compliance Certification
UK data protection certification demonstrating GDPR compliance for SMEs. Covers lawful basis, privacy notices, data subject rights, breach notification, and Records of Processing Activities (ROPA).
Managed Service Provider Assurance
Specialist certification for MSPs and IT support companies. Addresses unique security challenges of managing multiple client environments including privileged access management, multi-tenant security, and supply chain security.
Complete ESG & Sustainability management with carbon accounting (Scope 1/2/3), double materiality assessments, 40+ ESG metrics, AI-generated sustainability reports, and supply chain ESG scoring — all built into the same platform as your existing compliance programmes.
Sustainability Reporting
The world's most widely used sustainability reporting framework. Universal Standards, Sector Standards, and Topic Standards for comprehensive ESG disclosure. Document templates, guided assessments, and completion tracking per standard.
Corporate Sustainability Reporting Directive
EU mandatory sustainability reporting under the European Sustainability Reporting Standards. Covers environmental, social, and governance topics with double materiality assessment and CSRD-aligned reporting.
Task Force on Climate-Related Financial Disclosures
Climate-related risk and opportunity disclosure across Governance, Strategy, Risk Management, and Metrics & Targets pillars. AI-generated TCFD climate reports with professional DOCX export.
Environmental Disclosure System
Global environmental disclosure system for companies, cities, and financial institutions. Climate change, water security, and forests questionnaires with AI-generated CDP climate disclosure reports.
International Sustainability Standards Board
IFRS Foundation's global sustainability disclosure standards. S1 (General Requirements) and S2 (Climate-Related Disclosures) with guided assessments and AI-generated sustainability disclosure reports.
Sustainability Accounting Standards Board
Industry-specific sustainability accounting standards for financially material ESG topics across 77 industries. Sector-specific disclosure with AI-generated SASB industry reports.
2030 Agenda for Sustainable Development
The 2030 Agenda's 17 goals and 169 targets for peace, prosperity, and planetary protection. Track organisational contribution and alignment with AI-generated SDGs alignment reports.
Beyond our 26 compliance standards and frameworks, GRCxAI includes a purpose-built module for Provision 29 of the UK Corporate Governance Code. Designed for UK-listed companies, it provides a structured approach to identifying, assessing, and reporting on principal risks and uncertainties.
Start managing all 26 standards and frameworks from a single, unified platform.