AI-NATIVE GRC PLATFORM

Governance
reimagined

Where CISOs, auditors, and compliance leaders converge. One AI-native platform to orchestrate risk, evidence, and trust across every framework.

See It in Action Explore the Platform
Swiss-engineered · 50+ frameworks · Practitioner-built
how to manage every compliance framework?

Fifteen frameworks.Fifteen silos.

Every framework. Every law.
One platform.

Built by practitioners. For practitioners.

50+ frameworks including

ISO 27001SOC 2GDPRNIS2DORAHIPAAPCI DSSNIST CSFFADPLGPD+ 40 more

Built by a team with combined 100+ years in GRC, cybersecurity, and compliance consulting

Frameworks supported

50+

Made in Switzerland

Swiss

Customization

Built by practitioners

100%

The problem

You've outgrown tools built for people who just discovered compliance.

Vanta, Drata, OneTrust; they're built for startups getting their first SOC 2. Great for them. But you're not starting. You're managing 15 frameworks, 200 controls, and a board that wants answers yesterday. You need a platform that speaks your language.

THEM

The others

Guided wizards for first timers
Generic templates, one size fits all
Compliance as a product mentality
Lock in with rigid workflows
Pretty dashboards, shallow data

ACUNA

Built different

Pro grade cockpit, zero hand holding
Your frameworks, your controls, your way
Built by people who've sat in your chair
Flexible architecture, no lock in
Deep analytics that drive decisions

See it in action

This is what pro grade looks like.

Dense, powerful, no fluff. Every screen designed for how GRC professionals actually work.

Annual Plan

Your entire compliance calendar at a glance. Recurring assessments, reviews, and audits mapped across the year with status tracking and ownership.

Features

Need this? No problem.

Everything you'd expect from a GRC platform designed by people who actually run GRC programs.

15 frameworks? Bring them on.

Map controls across ISO 27001, SOC 2, GDPR, NIS2, DORA, and more, simultaneously. No duplicated work. Ever.

From requirement to action.

Structure every requirement, map it to scope, controls, and owners, then turn it into executable work with full context.

Define scope with precision.

Model entities, boundaries, and applicability so each framework requirement lands in the right place from day one.

Operational controls, not shelfware.

Design controls, attach measures, assign ownership, and run recurring checks with evidence attached at the source.

Every claim, fully traceable.

Link evidence to controls, requirements, and audit outcomes for end to end traceability your auditors can follow instantly.

Know exactly where you stand.

Track compliance health scoring in real time with visibility by framework, domain, control set, and operating unit.

Run compliance day to day.

Manage ongoing tasks, remediation, and due dates in one operating rhythm so your team can execute without context switching.

Prove and improve continuously.

Prepare assurance packs, monitor findings, and drive continuous improvement cycles instead of one off audit sprints.

First value in your first hour.

Get started quickly with guided onboarding so teams can stand up scope, controls, and operating cadence fast.

Use Cases

Built for the teams who actually run GRC.

Three common operating models where Acuna delivers immediate value.

Compliance Leader

Run ISO 9001 and GDPR in one operating rhythm.

For compliance leaders who need quality and privacy programs aligned without duplicate effort.

  • Unify ISO 9001 and GDPR requirements
  • Track obligations, controls, and evidence together
  • Stay audit ready with clear traceability
CISO

Steer ISO 27001, SOC 2, and NIS2 with confidence.

For security leaders who need a single source of truth across security and compliance obligations.

  • Map overlapping controls across frameworks
  • Prioritize remediation by risk and impact
  • Report posture clearly to leadership and board
Consulting Firm / MSSP

Accelerate implementations and audits at scale.

For advisory and MSSP teams delivering repeatable compliance outcomes across multiple clients.

  • Standardize delivery playbooks and templates
  • Speed up implementation and audit preparation
  • Manage multiple client programs efficiently

Award-winning TPRM, fully integrated.

Our award winning TPRM platform, trusted by organizations to assess, monitor, and manage supplier risk, is now fully integrated into Acuna. No separate login, no data silos. Vendor risk lives right where it belongs: alongside your controls, frameworks, and risk register.

OSINT

Automated Risk Scoring

Automated supplier assessments across DNS, TLS, web headers, breach exposure, and reputation. Composite grades from A to F with zero manual research.

Live

Continuous Monitoring

Real-time risk signals from threat intelligence, breach databases, and regulatory updates. Know the moment something changes.

Scale

Assessment Campaigns

Launch assessments at scale with a guided wizard. Select templates, choose suppliers, personalize outreach, and track completion from one dashboard.

Meet Aiko

Agentic in your GRC data.

Ask anything. Order anything. Brainstorm on your data. Aiko works directly inside your GRC context to help you move from questions to decisions faster.

Ask anything

Get instant answers across frameworks, controls, evidence, risks, and deadlines.

Order anything

Tell Aiko what you need next: prioritize actions, draft updates, or prepare review ready summaries.

Brainstorm on your data

Explore scenarios and trade offs using your real program data, not generic templates.

Aiko AI Assistant

Team

Built by people who've done your job.

Practitioners across GRC, cybersecurity, audit, and compliance, who've sat in your chair.

Alexis Hirschhorn

Alexis Hirschhorn

CEO of Acuna

Cyber security and governance consultant with 20+ years advising multinationals, governments, and international organizations.

Cyber & information securityCloud securityRisk & governance consultingCertified Lead Auditor
Henri Haenni

Henri Haenni

CEO of Abilene Group

Business continuity and information security expert; certified international trainer and Lecturer at Sorbonne University Paris 1.

Business continuityRisk managementInformation security governanceSorbonne University lecturer
Laura Menetrey

Laura Menetrey

Legal and compliance expert

Strategic legal advisor in data protection and privacy law, helping organizations navigate GDPR, NIS2, DORA, and Swiss nDSG.

Data protection lawGDPR, NIS2, DORA, nDSGPrivacy & regulatory advisoryData mapping & compliance
Jean Munyarugerero

Jean Munyarugerero

Auditing expert

Hands-on IS and business continuity trainer and auditor with experience spanning finance, cloud, public sector, and NGOs.

IS & business continuity trainerManagement systems auditorFinance, cloud, public sector, NGOs
Jean-Emmanuel Rodriguez

Jean-Emmanuel Rodriguez

Cybersecurity governance expert

Supports clients through vendor risk, compliance technology integration, and gap analysis from policy development to go-live.

AI governanceInformation security governanceGap analysis & framework implementationGRC
Bénédicte Sévin

Bénédicte Sévin

GRC Consulting team leader

Leads end-to-end project supervision across implementations, audits, and compliance programs for global organizations.

GRC project leadershipISO 27001 Lead Implementer15+ years international experienceI.S.I.T. Paris certified
Meet the full team →

Pricing

No surprises. No per seat games.

Transparent pricing that scales with your organization, not your headcount.

Professional

For organizations running advanced GRC programs.

Starts from

CHF 5'388

  • Unlimited frameworks
  • Custom dashboards
  • Integrated KPI and custom reports
  • Connectors and API
  • Full AI support

Optional modules

Supplier Shield TPRMBusiness Continuity and Crisis ManagementEnterprise Risk ManagementData ProtectionInternal Audit
Contact Sales

Enterprise

For large organizations with complex, multi-entity GRC programs.

Get in touch

  • All Professional features
  • Multi-entity management
  • RBAC (Role-Based Access Control)
  • Trust Center
  • Breach Scanner
  • D&B Credit Score integration
  • Dedicated onboarding and support
  • Custom SLA
  • Priority access to new features
Contact Sales

For partners

MSSP

For companies that manage multiple clients.

  • All Professional features
  • White label
  • Manage your tenants
  • Deployment bundles
  • Get faster results for:
  • ISO / SOC / Privacy implementations
  • Centralized audit full functionality
  • Fully customizable templates with mass deployment
  • Integrated AI to fast track and support your clients

Get in touch

Learn more about Acuna for MSSPs →

Request access

Stop compromising. Start commanding.

Tell us who you are and what you need. Requests are sent directly to our team.

Spam protection is enabled via CAPTCHA and a bot trap.