Our Compliance Studio is the human factor of our platform

The Compliance Studio is our human factor for our Compleye Online users! Curious about the services we offer? Stay put! We will take you right through the ins and outs and everything in between.

All of our services will start with a short Intake Call, which will be 20 min max, to tell you all about the process and the preparation. Afterwards, we will plan the first meeting(s) with experts of our Lean Compliance Designer Team.

Security Meeting Guidance

€150 excl

It takes time to build your information security management system and while building you will need to control progress. By organizing monthly security meetings, you can keep track of implementation, improvements and changes. The agenda topics and notes are embedded in Compleye Online. We will support you during these meetings help you prioritizing your lists and keep you focussed on the target … getting ready for (re)certification.

Added to your client board in Compleye Online:

Sections Operations | Security meetings : follow Agenda, make notes and identify Call to Actions.

Changes will be added to dedicated section pages, if applicable.

During the meetings we will share knowledge and experience to support your ISMS team in moving forward.

1 x 20 minute Intake

1 x 1 hour with ISMS Team

We will spend time during security meeting on topics to discuss and finalize notes and call to actions after the meeting to be most efficient.

Note: Your assessment service is not only 20 minutes. You purchase the complete assessment at once and book the intake call (max. 20min) via the button below After the intake call we will plan the follow up together to complete your assessment.

Internal Audit ISO27001

€2000 excl

There is a long list of activities that need to be done, before you are ready to get certified. This is one of last things to do.. let a friendly partner perform a readiness check. We will check if you have every nitty gritty detail in place. If not, we will support you with tips how to fix it in time. Internal Audit is a mandatory activity that will need to be done on a yearly base.

Internal Audit is the best preparation for external audit – you can do it yourself the first year, however the external auditor will validate the independence character. We can perform this Internal Audit online – with the restriction that the evidence of ISMS is available in Compleye Online.

Added to your client board in Compleye Online:

Section Certification | Internal Audit : Report and findings, with suggestions for improvements.
Section Policies | Internal Audit Procedure

1 x 20 minute intake

1 x 1,5 hour meeting to validate findings of Internal Auditor – all ISMS Team members will need to be available.

1 x 1 hour meeting with C-level to report the end result, findings and suggestions for improvements – to be accepted.

External Audit Guidance

€800 excl per day

Getting certified, means that an (accredited) audit party will perform an audit for 3 executive years. With the ISO27001 standard in hand – every line will need to be checked, and you will need to show and tell how you have implemented and where is the evidence. If this is new for you, we can assist you during the audit – support you with the last preparations and act as an advocate and prompter when needed. Works especially if you did not read the ISO27001 standard.

If this is your first time, we will need to start prepping approx 6 months – some audit companies have huge waiting lists – to get a quote. The actual prep for External audit will strat 4-6 week before the planned audit, an overview of activities:

Review on mandatory documentation (SOA, Management Review and the Documentation of Chapter 4-10 – templates available in Compleye Online)
Review of internal audit improvements and in Year 2 and 3 the external audit improvements.
Define what work still needs to be done. [at this stage we can indicate how much time will be needed from our side]
Setup Agenda in cooperation with external auditor
Training session for your Team Members – part of external audit program.
Facilitate external audit days, guidance during the day.
Addressing the findings of the external audit in Corrective Action Plans and/or make suggestions for improvement.

Information Security Risk Assessment (ISRA)

€700 excl

The ISRA identifies and assesses the risks in your IT environment, both from an attacker’s point of view and the perspective on the potential impact to your business. What measures and controls do you (already) have in place? You should perform an ISRA on a yearly basis, to make sure you are able to discover the vulnerabilities in your security system. Prioritise your findings and define improvements that will strengthen your information security system.

1 x 20 minute Intake meeting with owner of ISRA

1 x 1 hour meeting for actual assessment with ISMS Team

1 x 1 hour meeting finalise assessment and evaluate improvements with suggestions.

We will support you with suggestions for improvements for implementation (tooling and soft solutions – based on the phase of your company)

GDPR
Assessment

€1200 excl

GDPR, the minimum requirement of regulation, is a buzzword for every company doing business in Europe. But what does that mean for your organisation? In the GDPR Assessment, we take you through the mandatory topics and assess what you already have in place and what needs to be implemented. The final report will give you confidence as well as evidence, in case your stakeholders will ask you the GDPR Question.

1 x 20 minute Intake meeting with owner of GDRP

1x 1 hour meeting explaining the GDPR Assessment report with findings and suggestion for improvements.

1 x 30 min meeting for a follow up call in case there are more questions or a review on the improvements implemented.

Lean Compliance
Challenge

€250 excl

Compliance is a complex matter and in the current world, where avoiding risks is the standard, the increase of regulations seem unprecedented. There is one thought that might ease this pain: security can never be captured by piles of paper. However, you will be able to solve all challenges just by taking one step at the time and making wise (business) decisions. During these sessions, we help you to find that first, next or last step on your compliance roadmap.

1 x 20 minute Intake meeting with owner of Compliance

1 x 1 hour meeting to analyze the challenge

1 x 30 minutes explanation, when the report is ready.

You will receive a summary of the conversation, explaining or visualising options of the solution. This document you might use during your next conversation to solve the problem and take you to the next step.

ISO27001
Certification Process

Certification of ISO27001 can only be given by an external Audit Company.
Compleye is not a certified body – we advise and support SME’s.
Depending on the size of the organization and complexity of technology the Audit Company will make a proposal for 3 years.
Year 1 is divided into 2 stages: stage 1: decide if you eligible for certification and stage 2: the in depth audit.
Year 2 and 3: control audits.

Indication of pricing: If your organization size <10 fte, with an average IT complexity; pricing will be around 8-10 K Euro (year 1: 3,5 days and year 2+3: 2 days a year). They will charge more (days) if you grow your organization on a yearly base.

Compleye Pricing:

is depending on the number of days proposed by external audit
if internal audit is performed by Compleye we need less time to prepare
indication of pricing : for <10 fte this can be done in 4-6 days – if readiness level is ok at the start.

Implementing new frameworks
Gap Analysis

€1500excl

You scored already your ISO27001 certification, or at least using Compleye Online to get ready for it. And now you are considering to implement another standard (e.g. ISO9001, ISAE, SOC-2, ISO27701), however you have no idea how much impact that might have on your resources. In a Gap Analysis we check your current state of ISO27001 and list additional activities to comply with new standard. This will give you an estimate of the impact.

Based on your evidence in Compleye Online – we check what is already in place and what new activities or documentation are needed.
A report is drafted and validated with your ISMS/PIMS/QMS Team
This report is your first internal audit of the new framework.
Based on the findings you can make a plan on timing and resources needed.

1 x 20 minute intake

1 x 30 min meeting with C-Level, before the Gap Analysis take place

1 x 1 hour meeting with C-Level, explain report and Improvements.

Security Awareness
Training

€1000 excl (1 team meeting, €250 for extra team meetings)

Mandatory ISO27001 topics addressed
Changes in policies & procedures
Communicate security measures in place for [e.g. remote working, incident reporting and handlings.
Organize with ISMS Team members
Make use Compleye Templates
Effectiveness of training measure via questionnaire
Store info in Compleye training section

1 x 20 minute intake

1 x 1 hour team meeting

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Our Compliance Studio is the human factor of our platform

Security Meeting Guidance

€150 excl

Internal Audit ISO27001

€2000 excl

External Audit Guidance

€800 excl per day

Information Security Risk Assessment (ISRA)

€700 excl

GDPR Assessment

€1200 excl

Lean Compliance Challenge

€250 excl

ISO27001 Certification Process

Implementing new frameworks Gap Analysis

€1500excl

Security Awareness Training

€1000 excl (1 team meeting, €250 for extra team meetings)

GDPR
Assessment

Lean Compliance
Challenge

ISO27001
Certification Process

Implementing new frameworks
Gap Analysis

Security Awareness
Training