CyberAssure helps consultants guide clients through Cyber Essentials Plus, ISO 27001, and UK GDPR — with AI-generated policies, automated gap analysis, and audit-ready evidence packs.
Full GRC platform — from tech intake through audit sign-off. AI-powered throughout.
Track tasks, review policies, upload evidence, and ask AI anything — in plain English.
CyberAssure combines CE+, ISO 27001, and UK GDPR into a single operational governance framework — so nothing slips through the gaps.
NCSC-accredited technical controls across five domains: firewalls, secure configuration, user access, malware protection, and patch management. Verified by independent assessment.
Full Annex A clause mapping on every policy — from A.5 (Policies) through A.8 (Technology). Every generated document explicitly references the relevant ISO controls.
Seven dedicated privacy policies including DPIA procedure, SAR handling, ROPA, AI governance, and data breach response — all aligned to ICO guidance and UK post-Brexit requirements.
A structured 4-week programme — Monday to Wednesday client tasks, Thursday to Friday consultant review — with AI doing the heavy lifting.
Complete the structured tech intake covering identity platforms, MDM, AV/EDR, cloud, and patching. AI analyses the stack and identifies platform-specific evidence requirements.
Answer 20 questions across all five CE+ control areas. Claude generates a prioritised gap register with severity ratings, risk scores, and suggested resolutions.
Generate up to 22 policies tailored to the client's actual tech stack. Build branded, version-controlled policy documents. Client uploads evidence via their portal.
Run the AI pre-audit checker for a 0–100 readiness score. Exec signs off policies. Generate the complete audit report for submission to IASME, CyberSmart, or your chosen certifier.
Clean separation between consultant tools and client workspace — each with role-appropriate access, AI assistance, and a shared source of truth.
Manage all clients from one view. Track progress, audit dates, open gaps, and pack readiness across your entire book.
Tech intake analysis, gap generation, 22 policy drafts, pre-audit checking, and a CE+/ISO/GDPR knowledge assistant — all powered by Claude.
Generate complete policy documents with your client's logo, brand colour, header, footer, version history, and exec signature block — audit-ready HTML.
Complete evidence pack with asset register, gap analysis, policy index, declarations, and a shareable auditor link.
Clear Mon–Wed tasks, progress bars, and a simple checklist. Clients always know exactly what to do next.
Upload files directly against the relevant CE+ control area. Your consultant sees everything in real time.
Read, refine with AI, download, and track sign-off for each of your organisation's policies.
"What does MFA mean?", "What will the auditor test?" — plain-English answers, no jargon.
SSO, MFA, and role-based access control — so sensitive client data stays exactly where it should.
Sign in with your existing Google Workspace or Microsoft 365 account. OAuth 2.0 / OpenID Connect — no new passwords to manage.
Multi-factor authentication is required for all consultant accounts. Client accounts inherit MFA from their SSO provider. CE+ compliant out of the box.
Consultants see all their clients. Clients see only their own workspace. Auditors get a read-only share link with no login required.
Each client workspace is logically isolated. Consultants cannot see other consultants' clients. All data is encrypted in transit and at rest.
Every action is logged with timestamp, user, and IP. Policy versions are tracked with full history. Sign-off events are immutable.
All data stored in UK data centres. UK GDPR and DPA 2018 compliant. ICO-ready data processing records available on request.