Skip to Main Content
This website uses cookies. View our cookie policy

Compliance Manager: Assists with identifying the legal, contractual and regulatory obligations to meet the Interested Parties clause 4.2 of ISO 27001. Updated for ISO 27002:2022

Reflects UK GDPR requirements.

Easy to identify and select the legislation that is relevant to your organisation.

On-demand and unlimited support.


Why use Compliance Manager?

Get all the statutory and regulatory requirements in one place

Compliance Manager is designed to help users meet their legal and regulatory requirements and facilitates compliance with an ISO 27001 risk assessment in the UK.

Aligned with best practice

Compliance Manager includes control sets from UK GDPR, EU GDPR, UK laws, CCPA, CPRA, ISO/IEC 27001:2013, ISO/IEC 27002:2022, CES 3.3, NIST SP 500-83, ISO/IEC 270032:2012, CSA CCM v3, ECC 2018, CSCC 2019, CCC 2020, PCI DSS v3.0 and v3.2, ISO 27017, ISO 27018, ISO 22301, SOC 2 TSC, NHS DSP - Category 3 and NIS CAF.

The easy way to identify your legal and regulatory information security requirements

Compliance Manager is a subscription service that helps you identify the IT laws that are relevant to your organisation and determine what you need to do to comply.

With a growing database of IT-related legislation, Compliance Manager enables the busy organisation to pinpoint exactly what actions are necessary to comply with the relevant laws. Plus, the new task-based landing page will quickly and easily guide you through the initial set-up.

Its interactive database lists the relevant clauses from each law and provides guidance on implementing them, mapped against the appropriate best-practice controls from Annex A of ISO 27001, so you can easily determine the actions you need to take to comply – and demonstrate that compliance.

For each law, Compliance Manager includes effective dates, implementation requirements and links to the legislation itself. The list also includes curated GDPR articles that require organisations to take action, accompanied by guidance on how best to implement them. You can also add your own requirements or controls that are applicable to your organisation.

The intuitive and interactive dashboard offers a real-time overview of your project that you can personalise to see what's important to you. Plus, you can live chat with our product developers who will help you navigate the tool, address any technical issues and advise on how to get the most out of the software.


We offer single-user and multi-user access via monthly and annual subscriptions. Being hosted online also means that other invited users can access Compliance Manager with a ‘read only’ role and ensures that correct procedures have been followed.

Price guarantee: If you find a tool that does exactly the same, with the same outcomes at the same incredible price or lower, we will refund your first subscription*

*Full details on the shopping page

ISO 27001 controls

Includes 274 controls from ISO 27001:2013 and ISO 27001:2005

Instant access

Provides instant access to an updated database of law and regulations as and when new content is released

Expertly curated

Makes it easy to identify and select the legislation that is relevant to your organisation

Monitor compliance

Change the status of individual clauses and controls to keep track of your compliance project

GDPR articles

Includes information on those UK and EU GDPR articles that require you to take action, accompanied by guidance on how best to implement them

Gives optional access to a data flow map

Integration with the Data Flow Mapping Tool, which you can use to chart the flow of personal data through your business processes, allowing you to map relevant requirements and controls to your processes.

Technical specifications

  • Hosted on CyberComply, our online cyber security and compliance platform.
  • An Internet connection and a compatible browser are required – the latest version of Chrome, Edge, Firefox or Internet Explorer.
  • Available on an annual subscription basis.
  • Supported by Microsoft Azure data centres, which have industry-leading security measures and policies.
  • Includes regular updates to content and functionality.
  • Includes on-demand and unlimited support.
  • Integrates with DocumentKits*, the Cloud-based platform that manages all your supporting compliance documentation in one place.

Upgrade to CyberComply

Compliance Manager is one of five fully integrated modules of the CyberComply platform, making cyber security risk management and privacy compliance easy and affordable for all.

Providing complete control over your data privacy and information security compliance progress, CyberComply comprises the following modules:

Effortlessly meet your data security and data privacy obligations with one powerful tool.


Jeffrey S. Cochran

Information Security Manager, Thompsons Online Benefits

By the way, this vsRisk package rocks!
I do very much like how it is laid out and operates. This is just what I needed.


Nicholas King


Robust have never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption for airlines, hospitals and entire ... read more