Introducing Essential: Specialist Compliance AI at $12 a Month
Our new Essential plan puts specialist compliance AI within reach of individual practitioners and small teams, without diluting the expertise.
Today we are introducing Essential, a new paid plan for ISMS Copilot at $12 a month ($120 a year). It sits between our Free plan and Plus, and it exists for one reason: to put serious, specialist compliance AI in the hands of the people who have always been priced out of it, namely individual practitioners and small teams. Crucially, it does this without asking them to settle for weaker guidance.
That last part is the whole point, so let us be clear about it up front. Affordable should never mean generic.
We always wanted to be affordable. Wanting was not enough.
From the beginning, the goal was to make trustworthy compliance assistance accessible. Compliance work has a cost problem that has nothing to do with software. Good guidance is expensive because it is specialist. It has to be grounded in real frameworks, current control versions, and the way auditors actually read evidence. That grounding is what separates a useful answer from a confident guess, and it is not cheap to build or to run.
So for a long time we faced an honest tension. We could be cheap, or we could be correct, and in compliance the second one is the only one that matters. A wrong answer in front of an auditor is worse than no answer at all. We were not willing to lower the price by lowering the standard, so the entry point stayed higher than we wanted.
What changed
The price floor moved because the underlying economics moved. Over the past months we made real progress in how ISMS Copilot routes each piece of work to the most efficient model path capable of handling it well. Core compliance guidance no longer has to take the most expensive route through the system to be accurate.
In plain terms: we found a faster, leaner way to deliver the same specialist knowledge for everyday compliance questions, and we are passing the savings straight on to you. This is not a cheaper, watered-down assistant. It is the same verified, framework-aware foundation, reached by a smarter route.
What you get with Essential
Essential is the first paid rung on the ladder, designed for focused, individual work:
- Core compliance guidance grounded in real, versioned frameworks, for individual compliance work.
- 25 file uploads per month, so you can put your own policies, evidence, and drafts in front of the assistant.
- Cancel anytime. No lock-in, no annual handcuffs.
- $12 a month, or $120 billed annually. Free stays at $0, and Plus remains $24 a month for anyone who needs more capacity.
It is built for a specific kind of work: a single ISO 27001 implementation, a SOC 2 readiness push, a GDPR cleanup, or a consultant carefully handling one client engagement at a time. If that is you, Essential is meant to be the obvious choice.
Affordable does not mean generic
There has always been a cheap option in compliance AI. You open a general-purpose chatbot, paste in your question, and get an answer in seconds for free. The problem is that the answer is confidently wrong often enough to be dangerous in an audit. Generic models are trained to sound right, not to be right about ISO 27001 Annex A or the specific clause structure of NIS 2. We have written before about why that gap matters, and it does not close just because the tool is free.
Essential is the opposite trade. It attaches a low price to the same specialist grounding that makes ISMS Copilot worth trusting: verified and version-specific framework knowledge, EU-based data handling, and answers written with the audit in mind. Lowering the price does not lower the standard. That is the entire design constraint, and we held to it.
So the choice Essential offers is not "cheaper but riskier." It is the specialist tool, now at a price that no longer assumes a corporate budget behind it.
Toward compliance AI that is actually accessible
Serious compliance has long been a privilege of well-funded organizations. Large consultancies, large budgets, and enterprise tooling could buy rigor, while the solo practitioner, the startup's first security hire, and the two-person consultancy were left improvising with free chatbots and crossed fingers.
The real promise of good AI is that it widens that circle. A practitioner working alone should be able to reason about a control with the same care as a team at a large enterprise. That is what democratizing compliance AI means to us: not making the expertise thinner so it fits a smaller budget, but making genuine expertise reach further.
Essential is a concrete step in that direction, and it will not be the last. We think the future of this field is one where trustworthy, specialist compliance guidance is something anyone doing the work can simply afford to have at their side.