Risks, policies, controls, evidence

Governance & risk

Audit-ready. All the time.

Risk register, policy library with version history, and KCSIE / Cyber Essentials / ISO 27001 / GDPR control evidence — mapped to the frameworks your inspector and your insurer ask about. Stop scrambling the week before Ofsted.

Request a private eval See pricing

Risk register with likelihood x impact scoring and mitigations

Single risk detail page with mitigations, controls, review history

Compliance controls mapped to KCSIE / Cyber Essentials / ISO 27001

Policy library with version history + sign-off workflow

Governance actions tracked from board and committee meetings

1 / 5

Risk register — 5x5 matrix scoring, owner per risk, residual after mitigations.

What ships

Real features. Named, working, in the product today.

No "coming soon" blocks. No "planned for v2" caveats. Everything below is in the demo we'll spin up for you.

Risk register

Strategic, operational, and compliance risks with likelihood × impact scoring (5×5 matrix, configurable), owner, mitigations, residual risk after controls, and review cadence.

Policy library

Every trust policy with version history, owner, reviewer, sign-off chain, effective date, next-review date. Diffs between versions. Auto-flag for review when expiry hits.

KCSIE controls

Every KCSIE part 5 requirement as a control with evidence, owner, status (implemented / partial / N/A), and last-reviewed date. The thing your inspector asks for, ready to show.

Cyber Essentials evidence

Same shape for Cyber Essentials and Cyber Essentials Plus controls. Re-certification month becomes a packing exercise instead of a panic.

Governance actions

Action items from board / committee meetings tracked with owner, due date, status, and evidence-of-completion. Carried-forward actions get flagged when they slip past two meetings.

Linked everywhere

Risks link to controls, controls to policies, policies to actions, actions to projects. Click any link to see the full chain.

Per-committee reporting

Filter by committee (Audit / Curriculum / FGB / Resources). Auto-generate the actions section of the next agenda from open items.

Audit log

Every change to every record — who, when, what, before / after. The document the auditor reads when verifying claims.

See Governance & risk on your trust's data.

7-day private instance, seeded with your academy structure, sent to you by email with a written walkthrough — explore at your own pace.

Request a private eval →