The toolkit for external ISOs and certification consultants
11 frameworks with 583 practical guidance notes, adaptable to any industry. Custom audit catalogs via JSON, cross-mapping through ISO 27001 as a hub.
What ISMS Lite offers you as a consultant
Cross-Mapping through ISO 27001
ISO 27001 is the hub. Every additional framework is linked through it. In the SoA, you can instantly see which controls are already covered — you only work on the gaps.
583 Practical Guidance Notes
For each control: What's required, minimum implementation, real-world example for ~100 employees, typical evidence. The documentation you'd otherwise write yourself before every audit.
Fully Editable
Adapt guidance texts to the industry and client context — no feature request, no waiting for an update. Your changes are preserved across updates.
Custom Audit Catalogs
Import your own questionnaires or audit checklists as JSON, link them to ISO 27001, and use them directly in the tool.
White-Labeling
Customize logo, colors, and name. Your clients work in a tool under your brand, self-hosted on your infrastructure.
Open Formats
Frameworks, exports, mappings — all JSON. No proprietary formats, no lock-in. Your work belongs to you.
The Difference
Your Knowledge, Your Format
Every framework is a JSON file. Every guidance text is editable. You build your own consulting stack: industry-specific instructions, custom audit catalogs, custom mappings. No feature request, no ticket system, no waiting. Your changes are preserved across updates.
- Frameworks: JSON files with controls, categories, and practical guidance
- Guidance texts: Editable per control — adaptable to industry, company size, and client context
- Mappings: Define your own links to ISO 27001 as a hub
- Import: Add your own audit checklists or questionnaires as JSON
11 Frameworks Included
All with practical guidance for every control, all with cross-mapping to ISO 27001. Ready to use immediately, fully customizable at any time.
Partner Packages
Full feature set at every tier — the only difference is the number of client instances. No user limits per instance.
In jedem Paket enthalten
- All modules and 11 frameworks with practical guidance
- No user limits per instance
- Custom frameworks and audit catalogs via JSON
- All guidance texts freely editable
- Cross-mapping through ISO 27001 hub
- We support you, you support your clients
All prices exclude VAT.
Need more than 50 instances? Contact us for a custom quote. Kontakt aufnehmen
Frequently Asked Questions
Who is the Partner package for?
For IT security consultants, external Information Security Officers (ISOs), and certification advisors who support multiple clients with ISMS implementation and audit preparation. You deploy a dedicated instance per client and work with the client within it.
Where does ISMS Lite run?
On your infrastructure, on a dedicated VPS per client, or directly at the client's site. You decide what fits the respective setup. Docker Compose is sufficient — Kubernetes is not required.
Do I need programming skills to create custom frameworks?
No. A framework is a JSON file with a documented structure: name, version, controls with number, title, and description. You create the file, place it in the seed folder, and import it.
How does cross-mapping work in practice?
ISO 27001 is the hub. Every other framework is linked to ISO controls via a mapping file. The mapping type is 'equivalent' or 'partial'. In the Statement of Applicability, you can then see per control which frameworks it covers.
Who provides support to end clients?
You do. We support you as a partner with technical questions about the platform and framework formats. You are responsible for client support yourself.
Order Now or Request a Quote
Choose your package and license model. For orders, you'll receive the invoice by email.