Add what your organization actually needs.
Compliance programs, co-managed access for internal IT, infrastructure oversight, shadow IT monitoring, and standalone assessments. Each one adds onto any Acrivos tier without changing your base service.
Compliance that runs continuously, not just before an audit.
The Compliance Add-On is an ongoing program, not a one-time project. It starts with a formal assessment against your selected framework, moves into automated evidence collection, and stays active with continuous monitoring. When your environment changes or new obligations arise, your compliance posture updates with it.
This is a managed compliance program, not a remediation service. Where gaps require technical remediation - system configuration changes, control deployment, or other implementation work - those activities are professional services engagements scoped and billed separately. Any service not explicitly listed as included in your plan or this add-on is an additional billable charge.
$500 per month · 1-year or 2-year terms only
The Compliance Add-On is not available on month-to-month agreements. A minimum 1-year term is required.
Compliance assessment
A formal assessment of your environment against the selected framework. Identifies gaps in administrative, physical, and technical controls and produces a prioritized findings report your team can act on.
Automated compliance data collection
Continuous, automated collection of compliance evidence from your environment. Reduces the manual burden of audit preparation and keeps your evidence library current without relying on point-in-time snapshots.
Ongoing compliance monitoring
Continuous monitoring of your compliance posture against the selected framework. Alerts your team to drift, new obligations, or changes in your environment that affect your standing.
Supported frameworks
The compliance add-on is priced at $500 per month and covers one primary framework. Organizations with multiple compliance obligations should contact us to discuss scope.
Scope & term clarification
Included: compliance assessment, automated evidence collection, and ongoing monitoring. Not included: technical remediation, system configuration, or control deployment - these are professional services engagements billed separately. Any service not explicitly included in your base plan or this add-on is an additional charge. This add-on requires a 1-year or 2-year service agreement and is not available on month-to-month terms.