How it works

A single platform for end-to-end information security and compliance

All-in-one information security and compliance platform

Explore some of our most popular features

Automation Engine

Compyl’s automation engine is at the core of everything we do. We easily tie into your organization’s systems, pull the real data, and display it in one location exactly how you want it to be seen. Compyl monitors, validates, and continuously runs these reports and tasks that are easily forgotten about, leading to major issues and pain points down the road. We can also configure custom routine controls to capture additional data an organization may need.

Policies, Standards and Procedures

An organization is required to follow a set of policies, standards and procedures based on their industry, regulations and the tech stack they use. Many businesses do not have these documents in place or the ability to monitor if they are being adhered to. During the onboarding process, Compyl generates all of the required policies your company is required to follow, assigns ownership and allows you to track progress to avoid any organizational lapses. These can be based on industry regulations or industry best practices.


Organizations are required to follow privacy laws and regulations (such as GDPR, CCPA, HIPAA, etc) depending on the type of data they store to ensure it’s handled properly. During the onboarding process, Compyl generates these privacy requirements based on your company needs and legal requirements to ensure you are operating with the required privacy framework or regulation.

Contract Register

The Contract Register securely stores and monitors all contracts in one location. Once all contracts are centralized, renewal tasks and reminders are created to alert owners before a contract lapses to allow for appropriate re-negotiation time and update to include security or compliance requirements.

Incident Register

The Incident Register is a centralized location to log all incidents that happen across an organization. Ensures appropriate information is collected and retained for audit purposes, trigger incident response playbooks, and help facilitate root cause analysis as part of continuous improvement processes. Allow your business to standardize the approach and escalate each incident to the appropriate stakeholders regardless of where the incident occurred within the organization.

Risk Register

The Risk Register logs all identified risks across an organization in a single location. This acts as a repository and includes essential information that relates to each risk that has been raised. Compyl then links each risk to the relevant asset, a system, category, vendor and/or control to bring consistency when evaluating risks across the organization.

IT Asset Register

The IT Asset Systems Register securely stores your software and hardware that holds or processes your data and information. Your software and hardware is then scored on availability and criticality based on your organization. A compliance score can then be determined for each system based on incidents, risk, contracts, incomplete tasks or reports, and vendor assessment.

Vendor Register

The Vendor Register securely stores your organization’s vendors, suppliers, and 3rd parties. Through the Vendor Register, This allows you to conduct vendor assessments to understand technical and operational risk and standardize how your organization evaluates a vendor. Compyl enables full lifecycle management of your vendors, suppliers, and 3rd parties.


Compyl’s Wizard directs and assists you throughout the onboarding and setup process. You will be led through a series of steps which will compile and configure all of the necessary information for your organization such as framework compliance, systems, and vendors to start you on your Compyl journey.

Phishing and Training

Organizations generally lack the ability to provide consistent phishing and training simulations for employees. This leaves organizations vulnerable to be hacked or breached by avoidable scenarios. Compyl centralizes this training and implements it across all stakeholders to identify areas that need to be improved. We can even assign specific training modules for individuals that are identified as higher risk or require it as part of their job function.

The Information Security Management System - ISMS

The Information Security Management System (ISMS) is a documented management system that keeps a record of each and every task created or completed across an organization. This is a granular list of what needs to be done, who needs to do it, and when it needs to be completed. The ISMS proactively identifies each task that needs to be done to mitigate risk across the organization and satisfy all necessary regulatory frameworks.


A comprehensive view of your organization in real time. The dashboard pulls data from reports and systems to display the information visually using graphs, charts or metrics. Drill down on each tile based on the systems you choose to monitor and then add or remove tiles over time as your organization priorities evolve. Access source data by simply clicking the corresponding tile.


Generate and standardize multi level intelligent reporting. Track progress and find insights across your organization. Distribute reports and set frequencies as required. Empower your team and support them with the information they need to make consistent and informed decisions.

Our partners value a proper information security and compliance foundation


Take your business to the next level

Become the authority in your space!
By clicking “Accept”, you agree to the use of cookies on your device in accordance with our Privacy and Cookie policies