Guided Compliance as a Service (GCaaS)
Our pricing is based on the annual revenue of your organization. We structured it this way so that smaller and less complex organizations can still leverage the Rizkly compliance software automation platform at a cost that makes business sense, and to expedite arriving at your actual cost for choosing Rizkly. Our costs increase with company size, as larger organizations have more users, artifacts, support needs, and overall platform usage.
In addition to our compliance program management platform, Rizkly gives you the option of monthly expert advisory hours. Your dedicated compliance expert answers questions, provides strategic guidance, helps you avoid costly pitfalls, prepares you for audits and performs heavy lifting tasks as required.
- Regardless of the size of your organization, you get access to all of our powerful cybersecurity compliance features.
- If you need expert cybersecurity or data privacy guidance, select the number of monthly Rizkly expert advisor hours to see pricing for this option.
- If you have any questions or you’re ready to purchase, please contact us.
If you’re an advisory firm, MSP or software vendor and would like to learn more about embedded compliance, reseller or referral partnerships, just reach out so we can learn more and tell you about tailored packages that meet your specific situation.
Annual Revenue | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Platform Price | $250/mo or $3k/yr | $750/mo or $9k/yr | $2,000/mo or $24k/yr | $5,000/mo or $60k/yr |
Advisory Price | Choose Hours Below | Choose Hours Below | Choose Hours Below | Choose Hours Below |
Projects | Unlimited | Unlimited | Unlimited | Unlimited |
User Licenses | 15 | 35 | 70 | 125 |
Advisory Hours |

Expert Advisory | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Quarterly Check-In | | | | |
Built-In Advice & Control Guidance | | | | |
Online Advisor Notes & Collaboration | | | | |
Initial Compliance Baseline Assessment | | | | |
CMMC v2 L1 & L2 | | | | |
NIST 800-171 | | | | |
NIST 800-53 | | | | |
ITAR | | | | |
SOC2 | | | | |
NERC CIP-013-1 | | | | |
CCPA | | | | |
GDPR | | | | |
C-11 - Coming Soon | | | | |
FedRAMP | | | | |
HIPAA | | | | |
ISO27001 | | | | |
PCI-DSS | | | | |
Custom Create Your Own | | | | |

Continuous Compliance | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Executive & Compliance Dashboards | | | | |
Task Reminder Emails & Alerts | | | | |
Advanced Task Management & Tracking | | | | |
POAM & Overdue Items PDF Reports | | | | |
RizkMap™ Framework Mapping | | | | |
RizkMap™ Common Controls Automation | | | | |
RizkMap Control Dependency Management | | | | |
Incident Response Tracking | | | | |
Risk Register & Reporting | | | | |
Compliance Project Cloning | | | | |
Vendor/Supply Chain Compliance | | | | |

Assessment Questionnaires | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Questionnaire Users | | | | |
CMMC Self Assessment Guided Questionnaire | | | | |
Vendor/Stakeholder Questionnaire | | | | |

Compliance Documentation | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Document Library | | | | |
System Environment & Boundary | | | | |
Automated SSP Generation & Management | | | | |
Automated POA&M Generation & Management | | | | |
Evidence Storage by Control | | | | |
Custom Create Your Own | | | | |
Policy Manager | | | | |
Policy & Procedure Templates | | | | |
Pre-Mapped Policy Templates | | | | |
Policy Versioning | | | | |

Audit Readiness | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Control Self Assessment | | | | |
Assessor/Partner Access & Notes | | | | |
DFARS 800-171 Scoring | | | | |
Pre-Audit Artifact Validation | | | | |
Audit & Certification Expert Facilitation | | | | |
Accelerated Audit Success w/ Rizkly Audit Prep™ | | | | |

Cyber Awareness | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
Awareness Users | | | | |
Cyber Core Training | | | | |
Create Your Own Training Course | | | | |
Training & Survey Status Dashboard | | | | |

Advanced Features | <$10M | $10M - $50M | $50M - $500M | $500M + |
---|---|---|---|---|
One-Click Data Export | | | | |
Multi-Factor Authentication | | | | |
Inherited Controls & Shared Responsibility Tracking | | | | |
One-Click "800-171" to "CMMC" Migration | | | | |
Azure AD Authentication | | | | |
Bring Your Own Storage | | | | |
Advanced Logging | | | | |
Evidence API | | | | |
OSCAL API | | | | |
On-Premise Deployment | Available | Available | Available | Available |
Gov Cloud Infrastructure | Available | Available | Available | Available |

Rizkly experts will advise, guide and review hardware and software technology changes to ensure that they address specific compliance controls, but we do not perform the actual implementation work. Over the years, we have developed a trusted ecosystem of partners who offer effective and affordable solutions to expedite remediation of security and compliance gaps. We will gladly refer you to appropriate partners if and when the need arises. Creating policies, procedures and other artifacts is also a key part of compliance remediation efforts, and these are activities that our advisors do perform using powerful Rizkly features for policies and procedures.
Rizkly cybersecurity compliance advisors will work with you through the entire lifecycle of your compliance initiative. We will scale up/down depending on specific need, and we co-create our involvement in the early stages of the project. Typical project activities include:
- Gain an understanding of your business, your clients, your system(s), and your anticipated compliance requirements
- Educate your team members on compliance requirements, how to leverage the Rizkly app and what will be expected throughout the effort
- Develop the system ‘boundary’, and what will be in scope for compliance purposes
- Draft a system architecture diagram that clearly depicts the system boundary
- Review existing documentation and work with your team members to understand system and process specifics
- Perform a high-level gap assessment to determine what controls are in place and operating effectively, and where there are gaps
- For each gap, determine a detailed plan of action to remediate
- Collaborate as needed with personnel (staff and/or your vendors) during remediation
- Provide advisory support, develop documentation, design controls, review evidence, audit prep, etc.
- Ensure that all artifacts and control implementation statements are effectively captured in Rizkly
- Educate your team on how to leverage Rizkly to generate audit-ready documentation such as SSPs, POAM reports and SPRS scoring
- Post-remediation, ensure that all controls are in place and operating effectively
