Policies own domains
Domain-owned policies (Identity, Vuln, IR, Vendor) carry the executive intent and own their downstream standards.
Platform · Govern
A control library that's actually used.
A six-layer document hierarchy gives you a single home for every policy, standard, procedure, playbook, runbook and automation. Baseline templates ship in the box. You customise. You own.
- Pre-built playbook and runbook library aligned to NIST CSF 2.0, ISO 27001 and NZISM.
- Inline RASCI on every artefact, with notifications when responsibilities change.
- Every artefact versioned. Every incident records the version it ran.
- Searchable from the IR workspace at 02:00 — not buried in a SharePoint.
Standards are mandatory
Standards are the rules: encryption ciphers, MFA configuration, log retention. Policies justify them.
Procedures step by step
Step-by-step instructions for the human team — with RASCI and outcomes captured per step.
Playbooks for incidents
A choreographed sequence of procedures, triggered by an incident type. Versioned and ownable.
Runbooks for operators
Specific, atomic, copy-pasteable. The thing the on-call engineer actually runs at 02:00.
Automation for the rest
Triggered actions that close the loop without a human in the chain. Logged like every other artefact.
A six-layer document hierarchy. Every artefact has an owner, a version, and a parent.
Policy at the top, automation at the bottom — and an unbroken accountability chain in between. Baseline templates come pre-loaded; you customise and own your copy from day one.
- L1PolicyDomain ownership
- L2StandardMandatory rules
- L3ProcedureStep-by-step
- L4PlaybookIncident workflow
- L5RunbookOperator action
- L6AutomationCode / triggered
Pre-built playbooks & runbooks. Customisable from day one.
A starter library covering the incidents you'll actually face — and the runbooks the team needs at 02:00. Every artefact is yours from the moment you log in. Versioned. Owned. Editable.
| Type | Code | Name | Aligned to |
|---|---|---|---|
| playbook | PB-IR-001 | Ransomware response | NIST CSF 2.0 |
| playbook | PB-IR-002 | Business email compromise | NIST CSF 2.0 |
| playbook | PB-IR-003 | Insider threat — data exfil | NIST CSF 2.0 |
| playbook | PB-IR-004 | OT/ICS safety incident | IEC 62443 |
| runbook | RB-NET-007 | Isolate compromised host | Internal |
| runbook | RB-IDP-002 | Revoke and rotate credentials | Internal |
| runbook | RB-EDR-001 | Triage EDR alert | Internal |
| runbook | RB-VLN-003 | Patch verification workflow | Internal |
See the library on a 30-minute demo.
We'll show you the seeded library and how to fork a playbook into your own version-controlled copy.