Skip to Main Content
This website uses cookies. View our cookie policy

Assists with identifying the legal, contractual and regulatory obligations to meet the Interested Parties clause 4.2 of ISO 27001.

Easy to identify and select the legislation that is relevant to your organisation.


Why use Compliance Manager?

Get all the statutory and regulatory requirements in one place

Compliance Manager is designed to help users meet their legal and regulatory requirements and facilitates compliance with an ISO 27001 risk assessment in the UK.

Aligned with best practice

Compliance Manager includes control sets from ISO 27001, ISO 27017, ISO 27018, ISO 22301, SOC 2, CCPA and CCRA.

The easy way to identify your legal and regulatory information security requirements

Compliance Manager is a subscription service that helps you identify the IT laws that are relevant to your organisation and determine what you need to do to comply.

With a growing database of IT-related legislation, Compliance Manager enables the busy organisation to pinpoint exactly what actions are necessary to comply with the relevant laws.

Its interactive database lists the relevant clauses from each law and provides guidance on implementing them, mapped against the appropriate best-practice controls from Annex A of ISO 27001, so you can easily determine the actions you need to take to comply – and demonstrate that compliance.

For each law, Compliance Manager includes effective dates, implementation requirements and links to the legislation itself. The list also includes curated GDPR articles that require organisations to take action, accompanied by guidance on how best to implement them. You can also add your own requirements or controls that are applicable to your organisation.


We offer single-user and multi-user access via monthly and annual subscriptions. Being hosted online also means that other invited users can access Compliance Manager with a ‘read only’ role and ensures that correct procedures have been followed.

Price guarantee: If you find a tool that does exactly the same, with the same outcomes at the same incredible price or lower, we will refund your first subscription*

*full details on the shopping page

ISO 27001 controls

Includes 274 controls from ISO 27001:2013 and ISO 27001:2005

Instant access

Provides instant access to an updated database of law and regulations as and when new content is released

Expertly curated

Makes it easy to identify and select the legislation that is relevant to your organisation

Monitor compliance

Change the status of individual clauses and controls to keep track of your compliance project

GDPR articles

Includes information on those GDPR articles that require you to take action, accompanied by guidance on how best to implement them

Gives optional access to a data flow map

Intergration with the Data Flow Mapping Tool, which you can use to chart the flow of personal data through your business processes. The tool’s integration with Compliance Manager allows you to map relevant requirements and controls to your processes.


Jeffrey S. Cochran

Information Security Manager, Thompsons Online Benefits

By the way, this vsRisk package rocks!
I do very much like how it is laid out and operates. This is just what I needed.


Nicholas King


Robust have never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption for airlines, hospitals and entire ... read more