AI-powered GRC platform · free to start

Be audit-ready across NIS2, GDPR, ISO 27001 and more,without the GRC overhead.

Run assessments, manage controls, policies and risks, and stay on top of EU reporting deadlines in one platform. Start free in 15 minutes.

Assess fast

15-minute baseline across 9 frameworks with scoring, graphs, and prioritised gaps.

Centralise governance

Controls, policies, evidence, vendors, assets, risks, DPIAs and incidents in one place.

Stay deadline-ready

Built-in timelines for GDPR (72h), NIS2 (24h) and DORA (4h) notifications.

Start free, no card requiredSee the platform

Built for SMEs. Scales to multinationals across the EU, UK and worldwide.

Choose your path

Two ways to read this page

👤

SME CEO / Owner

Get a clear baseline, a prioritised plan, and audit-ready documentation, without hiring a full team.

Show me the SME view
🛡️

Security / Risk Lead

Operationalise controls and evidence across frameworks, manage vendors and incidents, and streamline audits.

Show me the Security/Risk view
app.shieldiqcyber.com
Dashboard
Controls
Policies
Risks
Assets
Vendors
Incidents
74%
Overall Score
43/58
Controls Active
7
Open Risks
3
Frameworks
Compliance maturity by framework
NIST
NIS2
GDPR
ISO
DORA
SOC 2
AI drafted Access Control Policy2m ago
NIS2 assessment completed: 74% score1h ago
Vendor risk auto-generated for 2 vendors3h ago

How it works

Three steps to a defensible posture

1

Run an assessment

About 15 minutes across any supported framework. No setup calls, no professional services.

2

Get gaps + actions

Prioritised remediation mapped to controls, with an actions board you can hand to your team.

3

Stay audit-ready

Policies, evidence, vendors and reporting deadlines tracked continuously, not just before audits.

Start free

For SME CEOs

Know where you stand, what to fix, and what "good" looks like.

1

Clear posture snapshot

Across NIS2, GDPR, ISO 27001 and more: one score, one view of progress.

2

Policies drafted quickly

AI drafts your starting policy suite, ready for review and approval.

3

Practical actions board

Track progress and accountability with effort/impact priorities.

Start free, no card required

No setup calls. No credit card. Just run your first assessment.

For Security & Risk Leads

Operationalise controls, evidence and audits across every framework you care about.

1

Cross-framework controls

Map once, satisfy many. Evidence and assessment auto-linking, no spreadsheets.

2

Audit-ready by default

Time-boxed auditor access, structured reporting and a tamper-evident activity trail.

3

Risk, vendors, incidents

Vendor questionnaires, asset criticality, GDPR/NIS2/DORA notifications and DPIAs end-to-end.

See the platform

9 Frameworks

Start in Ireland. Scale across the EU and UK.

Full coverage across EU, UK and international frameworks, with more added regularly.

NI
Cybersecurity

NIST CSF 2.0

6 functions, 22 categories. The gold standard for cybersecurity posture.

NI
EU Regulation

NIS2 Directive

8 domains, 25 requirements. EU cybersecurity for essential entities.

GD
Data Protection

GDPR

7 domains, 28 requirements. EU data protection & privacy.

IS
International

ISO 27001

4 control domains, 35 controls. International ISMS standard.

DO
Financial Services

DORA

5 domains, 14 requirements. Digital resilience for financial services.

SO
SaaS / Cloud

SOC 2

5 trust criteria, 18 controls. Security & privacy for SaaS.

Cy
UK Government

Cyber Essentials

5 technical controls. UK government security scheme.

EU
AI Regulation

EU AI Act

5 domains, 18 requirements. EU AI regulation compliance.

PC
Payments

PCI DSS 4.0

6 groups, 12 requirements. Payment card data security.

18 Modules · 4 outcomes

Everything you need. Nothing you don't.

Eighteen integrated modules grouped into the four outcomes that matter: assess, govern, manage risk, respond.

01

Assess & Benchmark

2 modules
📋

Assessments

9 frameworks, AI scoring per category, spider graphs, target maturity overlay.

📈

Dashboard

Drag, collapse, reorder. Compliance snapshot, trends, benchmarks, calendar widget.

02

Govern & Prove

5 modules
🛡️

Controls

Cross-framework controls with status, evidence and assessment auto-linking.

📄

Policies

Versioned policies, control mappings, employee acknowledgments. AI drafter included.

📜

Activity Feed

Tamper-evident trail with PII pseudonymisation, comments and @mentions.

👥

Team Management

Org accounts, roles, time-boxed read-only auditor access, comments.

📤

Bulk Import

Risks, assets, vendors. Preview + validate + confirm. No 200-row hand entry.

03

Manage Risk

5 modules
⚠️

Risk Register

5×5 grid + FAIR-lite quantitative loss expectancy + treatment plans.

🏢

Vendor Management

Lite + Standard questionnaires. Auto-generates risks from poor scores.

🖥️

Asset Inventory

Criticality, classification, ownership and control links in one place.

Actions Board

Kanban board with effort/impact priorities, assignment and due dates.

📅

Compliance Calendar

Unified view of audits, reviews, evidence expiries and contract renewals.

04

Respond & Improve

6 modules
🚨

Incident Management

Auto 72h GDPR / 24h NIS2 / 4h DORA deadlines. AI drafts regulator notification.

🔍

Network Scanner

NMAP scans with AI analysis of open ports and vulnerabilities.

🧪

Pen Tests

Structured engagement records with findings, retest schedule, risk linkage.

📊

ROPA (Art. 30)

GDPR Art. 30 records of processing activities. Regulator-ready CSV export.

📝

DPIA (Art. 35)

6-step wizard with auto Art. 36 prior-consultation trigger.

🔒

Security Controls

Forced MFA, login anomaly detection, trusted devices, tenant policy.

AI-Powered

Five AI features. One unified credit pool.

Built into the platform. Generous monthly allowances on every paid tier. No surprise overage bills, no margin death-spiral.

🧠

AI Assessment Analysis

Each category individually analysed with full business context: 2 to 3 paragraphs per category, bundled into every assessment.

✍️

AI Policy Drafter

Pick a policy type, scope, and framework. AI drafts a tailored policy you can review, edit and save as a versioned draft.

⚖️

AI Evidence Judge

Upload a file and get a verdict (satisfies, partial, or does not satisfy) with reasoning and improvement suggestions.

🔔

AI Incident Notifications

Automatically drafts regulator-ready notifications with correct deadlines for GDPR, NIS2, and DORA incidents.

🕵️

AI Gap Analysis

Finds gaps across your controls and frameworks, prioritises remediation, and keeps you continuously audit-ready.

Pricing

Start for free. Scale when ready.

No credit card required to get started. Your first assessment takes around 15 minutes.

Starter

Free

Everything you need to run your first assessment and understand your posture.

  • 1 framework assessment
  • Controls & risk register
  • Basic policy library
  • 1 user
  • AI assessment analysis included
Start free
Most popular

Professional

See plans

All 9 frameworks, unlimited users, full AI credit pool, and priority support.

  • All 9 frameworks
  • All 18 modules
  • 5 AI features (shared credit pool)
  • Unlimited users
  • Auditor access (time-boxed)
  • Priority support
View all plans & pricing

Consulting Services

Prefer hands-on support?

ShieldIQ's Dublin-based consultants step in when you need another person on the team: Virtual CISO, GRC programmes, strategic planning and incident response.

Explore consulting services

See your compliance posture in 15 minutes,
and leave with a prioritised plan.

Free to start. No credit card. No setup calls. Just sign up and run your first assessment across any of the 9 supported frameworks.

Start free today

Questions? Email info@shieldiqcyber.com