€9 per user, per year.
Your first professional compliance baseline.
Your organisation is operating. Clients are asking questions. Tenders require evidence of security practices. Cyber insurance applications demand policy documentation. You know compliance matters — you just do not have the internal resource to build it from scratch, or the budget to bring in a consultant every time a framework changes.
CIAO Core solves that immediately.
What Core unlocks:
Three enterprise-grade foundational policies, professionally maintained and continuously updated as international standards evolve:
The Information Security Policy — Mapped across ISO 27001, NIST CSF, SOX, GDPR, POPIA, King V, COSO, OECD Principles and ISO 42001 AI governance.
The Data Protection and Privacy Policy — Multi-jurisdictional coverage across GDPR, UK GDPR, POPIA, Singapore PDPA, India DPDP, Mauritius DPA and AU Convention 108+.
The Cybersecurity Awareness and Training Policy — Role-based training frameworks, phishing simulation guidance, and incident awareness aligned across major frameworks.
All three policies are classified PUBLIC — meaning you share them directly with auditors, clients, tender committees and supply chain partners as immediate, credible evidence of your compliance posture. No redaction. No hesitation.
Includes everything in Commons.
Why this works for organisations of 1–10 people:
You do not need a compliance team to use these policies. You need two or three people with access to a professionally governed compliance environment — one they can point to, share from, and rely on to stay current without internal maintenance effort.
We do the ongoing mapping and updating. You get the competitive advantage.
Compliance that costs less than one hour of a consultant’s time.
Part of the CIAO Standard architecture — see Standard Architecture & Tier Content Depth for the canonical domain spine and tier-by-tier content ladder.