Plans and Pricing
Individual Teams
Built for teams wanting to supercharge cyber GRC
We’ve crafted a pricing model that’s not just disruptive but
designed to offer you unbeatable value.
Unlimited users
Included content
Includes all modules
No usage limits
Unlimited AI-powered capability at your fingertips
-
Unlimited users
-
Unlimited use cases
-
Unlimited frameworks & content
-
Unlimited audits & assessments
-
Unlimited vendors
-
All features & modules
-
Hailey AI engine
-
Analytics & reporting
Pricing is based on the size of your organization.
Included standards, frameworks, libraries and templates
Features
- The Spoke
- Audit & Assessment
- Risk Management
- Vendor & Third-Party Risk Management
- Issue & Incident Management
- Policy, Obligation & Control Management
- Compliance Management
- Continuous Control Monitoring
- Artificial Intelligence
- Custom Registers
- Asset Management
- Vulnerability Management
- Trust Portal
- Attestations
- Platform
- Support & customer success
Features
Audit & Assessment
Included | |
---|---|
Unlimited questionnaire-based assessments
|
|
Recurring and scheduled assessments
|
|
Skip logic for assessment branching
|
|
Unlimited requirements-based assessment for control self-assessment and internal audit
|
|
Automated audit and assessment response powered by Hailey GPT
|
|
Mapping to controls and authorities
|
|
Automated risk and incident recommendations
|
|
Evidence upload and attachments
|
|
Tag management
|
|
Audit and assessment access control
|
|
Share assessment and audit templates across spokes
|
|
Bulk send assessments to spokes for response
|
|
Risk Management
Included | |
---|---|
Registers
|
|
Automated risk reviews
|
|
Risk libraries
|
|
Custom workflows and stage requirements
|
|
Custom risk assessment frameworks
|
|
Assignment of risk treatment plans
|
|
Custom fields
|
|
Tag management
|
|
Risk access control
|
|
Vendor / Third-Party Risk Management
Included | |
---|---|
Unlimited vendors
|
|
Recurring and scheduled assessments
|
|
Automated linking to risks and issues
|
|
Custom vendor onboarding forms
|
|
Automated vendor assessments
|
|
Workflow
|
|
Custom fields
|
|
Tag management
|
|
Issue & Incident Management
Included | |
---|---|
Registers
|
|
Issue and incident libraries
|
|
Workflow
|
|
Assignment of issue actions
|
|
Custom issue and incident submission forms
|
|
Custom fields
|
|
Tag management
|
|
Issue and incident access control
|
|
Jira integration for issue actions
|
|
Policy, Obligation & Control Management
Included | |
---|---|
Manage obligations or control sets
|
|
Assignment of control responsibilities
|
|
Employee policy viewer
|
|
Automated control to compliance mapping with Hailey AI
|
|
Share policies, obligations and controls across spokes
|
|
Automatic updates to control linkages for new versions of standards and frameworks
|
|
Compliance Management
Included | |
---|---|
Compliance obligation management
|
|
Manual compliance mapping
|
|
Automated compliance mapping with Hailey AI
|
|
Artificial Intelligence (meet Hailey AI!)
Included | |
---|---|
Conversational AI assistant built for cyber GRC
|
|
Real-time insights into your GRC program
|
|
Context aware responses powered by AI and your data
|
|
Navigate to assessments, risks, issues, third parties, controls and more
|
|
Contextual support, education and knowledge base article recommendations
|
|
Continuous Compliance Management
Included | |
---|---|
Automated and continuous testing of internal technical controls
|
|
Real-time alerts for control failures, configuration issues, and security incidents
|
|
Reporting, including test coverage, pass-fail ratios and control performance
|
|
Actionable recommendations
|
|
Integrations with cloud providers and monitoring tools (Wiz, Laceworks, Azure, AWS, GCP)
|
|
Custom Registers
Included | |
---|---|
Unlimited custom registers and register items
|
|
Custom fields per register
|
|
Link register items to issues, incidents and risks
|
|
Data entry forms via Zapier
|
|
Tag management
|
|
Register access control
|
|
Asset Management
Included | |
---|---|
Unlimited assets
|
|
Link to issues, incidents, risks and vulnerabilities
|
|
Custom fields
|
|
Integration with ServiceNow
|
|
Asset access control
|
|
Vulnerability Management
Included | |
---|---|
Ingest vulnerability data from scanning tools
|
|
Pre-defined mappings to Nessus and Qualys
|
|
Define your own mappings for any scanning tool
|
|
Automated linkage to assets, risks and issues
|
|
Trust Portal
Included | |
---|---|
Share audits, assessments and control sets
|
|
Profile viewer access management
|
|
Public trust portal profiles and content
|
|
Tag management
|
|
Upload supporting documentation
|
|
Attestations
Included | |
---|---|
Run attestation flows for control sets and risks
|
|
Unlimited attestation respondents
|
|
Platform features
User access & security
Included | |
---|---|
Role based access control (RBAC)
|
|
Multi-factor authentication
|
|
Single Sign-On (Okta, Azure AD, PingID)
|
|
Custom branding
|
|
Data level permissions
|
|
Content management
Included | |
---|---|
Integrated frameworks, standards, laws, and regulations
|
|
Pre-defined risk and issue libaries
|
|
Pre-defined audit and assessment templates
|
|
Pre-defined obligation and control sets
|
|
Pre-defined projects and playbooks
|
|
Define your own content
|
|
Share content across teams
|
|
Reporting & analytics
Included | |
---|---|
Pre-built reports
|
|
Dashboards
|
|
LiveDocs stories and presentations
|
|
Custom report builder
|
|
Send reports to external team members
|
|
Power BI connector for advanced analytics
|
|
Rolled up reporting and analytics across spokes
|
|
Developer API
Included | |
---|---|
Developer API using REST architecture
|
|
Build custom GRC workflows
|
|
Trigger internal and external events
|
|
Export and integrate data for advanced reporting
|
|
Build custom control tests
|
|
Support & customer success
Included | |
---|---|
Onboarding
|
|
Implementation
|
|
On-going support
|
|
Intelligently accelerate your cyber risk and compliance program today
Stop wasting time with complicated pricing, longwinded consulting efforts and outdated technology.