Compliance Manager for ISO 27001 Controls



  • Get unlimited access to Compliance Manager for read-only users.
  • Easily identify your legal, contractual and regulatory information security obligations, as required by Clause 4.2 of ISO 27001:2013 and Clause 4.2 of ISO 27001:2022.
  • Determine and select the legislation that is relevant to your organisation, and the best-practice security controls you need to meet your obligations.
  • Get compliant and stay compliant: regular updates ensure you remain on top of your data security and privacy compliance obligations.
  • Enjoy easy access for multiple users, wherever you are, with the Cloud-based platform.
  • Get unlimited support on demand, including training and direct contact with developers to ensure you meet your objectives.

Ready to take your compliance management to the next level? Visit IT Governance to explore Compliance Manager further and purchase or take a trial of this product.


Your first 30 days are FREE

Try before you buy with a FREE 30-day trial. Simply add the number of admin licences you require to your basket and proceed to checkout. You won’t be charged for the admin licences until the 30-day trial has ended and can cancel your subscription at any time. Unlimited access for read-only users is free once you have started your subscription!
Compliance Manager is a comprehensive tool for managing information security and data protection requirements. It is designed to help users keep track of their compliance with applicable laws and regulations, which is essential for organisations implementing an ISO 27001-compliant ISMS (information security management system) or complying with the GDPR (General Data Protection Regulation).

ISO 27002 controls

Includes ISO 27002 controls from the 2005, 2013 and 2022 iterations of the Standard.

Instant access

Provides instant access to an updated database of law and regulations as and when new content is released.

Expertly curated

Makes it easy to identify and select the legislation that is relevant to your organisation.


Monitor compliance

Change the status of individual clauses and controls to keep track of your compliance project.

GDPR articles

Includes information on UK and EU GDPR articles that require you to take action, and guidance on how best to implement them.

Gives optional access to a data flow map

Integrates with the Data Flow Mapping Tool, which you can use to chart the flow of personal data through your business processes, allowing you to map relevant requirements and controls to your processes.


How many licences do I need?

A typical small to medium-sized enterprise would need a single-user licence, for the person responsible for identifying the legal, contractual and regulatory obligations, as set out in Clause 4.2 of ISO 27001. This might be your information security manager, head of IT, compliance manager or CIO.

A typical corporate organisation would need a five-user licence to cover the above roles, plus your head of compliance, CISO and legal counsel – the group of people responsible for determining and selecting the legislation that is relevant to your organisation, and the best-practice security controls you need to implement to meet your compliance obligations.

Note that everyone in the business can read the data and be allocated tasks without the need for additional licences.

Aligned with best practice

Compliance Manager includes control sets from:

  • UK laws, such as the:
    • Protection of Freedoms Act 2012
    • Freedom of Information Act 2000
    • Small and Medium Sized Business Regulations 2015
    • Public Records Act
    • Computer Misuse Act
  • CCPA
  • CPRA
  • ISO/IEC 27002:2022
  • CES 3.3
  • NIST SP 500-83
  • ISO/IEC 27032:2012
  • CSA CCM v3
  • ECC 2018
  • CSCC 2019
  • CCC 2020
  • PCI DSS v3.0, v3.2 and v4.0
  • ISO 27017
  • ISO 27018
  • ISO 22301
  • SOC 2 TSC
  • NHS DSP Toolkit – Category 3

Easily identify your legal and regulatory information security requirements

With a growing database of IT-related legislation, Compliance Manager enables the busy organisation to pinpoint exactly what actions are necessary to comply with the relevant laws. Plus, the task-based landing page will quickly and easily guide you through the initial set-up.

The tool’s interactive database lists the relevant clauses from each law and provides guidance on implementing them, mapped against the appropriate best-practice controls from Annex A of ISO 27001, so you can easily determine the actions you need to take to comply – and demonstrate that compliance.

Get all the statutory and regulatory requirements in one place

Compliance Manager is a subscription service that helps you identify the information security laws that are relevant to your organisation and determine what you need to do to comply.

It is designed to help users meet their legal and regulatory requirements and facilitates compliance with an ISO 27001 risk assessment in the UK.

Intuitive and interactive dashboard with live support

The intuitive and interactive dashboard offers a real-time overview of your project that you can personalise to see what's important to you. Plus, you can live chat with our product developers who will help you navigate the tool, address any technical issues and advise on how to get the most out of the software.


Why choose Compliance Manager?

At Vigilant Software, we understand that you might be facing struggles such as a lack of resources and in-house expertise, and a continually changing regulatory environment.

You might also have outdated processes and difficulties providing measurable, trackable results to the board.

Compliance Manager can help you:

  • Manage your cyber security and data privacy obligations and meet your compliance objectives;
  • Demonstrate compliance with Clause 4.2 of ISO 27001, thereby achieving stakeholder buy-in, increased confidence from your customers and contract wins;
  • Monitor compliance on an ongoing basis and change the status of individual clauses and controls to keep track of your compliance project;
  • Report to senior management with a dashboard that shows a real-time snapshot of your compliance status, and generate PDF reports at the click of a button; and
  • Deliver consistent, compliant and repeatable results that you can’t achieve with a spreadsheet.

Part of the CyberComply platform, Compliance Manager will save you time and money by enabling you to easily identify your legal and regulatory information security requirements in line with ISO 27001.

You are given instant access to an updated database of laws and regulations as and when new content is released, and we provide unlimited onboarding and training sessions with a dedicated customer success manager.

Compliance Manager will help you improve processes, generate efficiencies around your compliance obligations, and provide trackable, reportable results at a price you can afford.

  • Compliance Manager is hosted on CyberComply, Vigilant Software’s online cyber security and compliance platform.
  • It is built on Microsoft’s Azure platform and hosted in its EU data centres. Azure is certified and audited to numerous security standards, including ISO 27001, SOC 1, 2 and 3, and CSA STAR.
  • As a supplier of GRC (governance, risk and compliance) software, Vigilant Software takes security seriously. We are certified to the ISO 27001 information security, ISO 27701 privacy and ISO 9001 quality standards. We follow a secure development lifecycle and are continually improving our software by including security enhancements throughout our development roadmap.
  • Our software is developed to OWASP standards, and our developers are trained accordingly. Read more about our security measures here.
  • All you need to access Compliance Manager is an Internet connection and a compatible browser – the latest version of Chrome, Edge, Firefox or Internet Explorer.
  • The software is available on an annual or monthly subscription basis.
  • Compliance Manager includes regular updates to content and functionality.
  • Compliance Manager can be integrated with the other tools hosted on the CyberComply platform.


Cloud-based application that can be accessed via any compatible browser.


After you have completed your order, you will receive a sales receipt and an invite email from the CyberComply platform (if you don’t receive these emails, please check your junk folder).

The invite will be sent via and it will include a link to access the platform.

Once you have clicked the link, you will be directed to, where you will be asked to enter your email and password (a temporary password will be included in the invite email).

You will then have full access to your account.

Once you have accessed your account, you can access our user guides directly from the home screen/dashboard. Alternatively, you can contact support using the icon at the top right of the home screen.

Please note: The invite is valid for 24 hours. Please email should you require a new invite.

Need more than 15 licences?

If you require more than 15 licences, please speak to one of our experts. This will help us understand your requirements and scope so we can send you a tailored quote.

Payment terms

Monthly single and multi-user subscriptions are only available to purchase through the website using a credit card. A sales receipt will be sent automatically at point of purchase and every month after that unless the renewal is cancelled.

Annual subscription purchases can be made through the website via credit card payments or invoiced directly with a PO.

*Price guarantee: If you find a Cloud-based compliance management tool that does exactly the same, with the same functionality and outcomes at the same incredible price or lower, we will refund your first subscription.

