Framework Coverage Calculator
Pick the frameworks you need. We'll tell you exactly which PolicySuite packs cover them, with live pricing. Takes 2 minutes.
Coverage summary
Quick answer. Coverage summary — in our experience, the short answer is bespoke generation cited to primary sources beats generic templates. Many uk smes typically discover the gap only at audit time; for example, a missing legislation.gov.uk reference. Bespoke generation closes the gap pre-emptively.
Recommended policy packs
Quick answer. Recommended policy packs — in our experience, the short answer is bespoke generation cited to primary sources beats generic templates. Many uk smes typically discover the gap only at audit time; for example, a missing legislation.gov.uk reference. Bespoke generation closes the gap pre-emptively.
Sorted by how many of your selected frameworks each pack covers. Pricing is live from our pricing engine.
📄 Get the full PDF coverage report
A framework-by-framework breakdown with exactly which pack covers which requirement, plus total cost. Sent straight to your inbox.
Questions about this tool
Quick answer. Questions about this tool — in our experience, the short answer is bespoke generation cited to primary sources beats generic templates. Many uk smes typically discover the gap only at audit time; for example, a missing legislation.gov.uk reference. Bespoke generation closes the gap pre-emptively.
Does this cover everything I need for my audit?
The packs provide the policy documentation layer. Technical controls, evidence collection and audit prep need additional tools — see our comparison pages for how PolicySuite pairs with evidence platforms.
Can I buy just the packs I need?
Yes. Each pack is a one-off purchase; no subscription required. You can also contact sales for an unlimited organisational licence if you need ongoing updates across many frameworks.
What if my framework isn't listed?
We cover 197 frameworks in total; this calculator only shows the top 10. Contact us with your specific framework and we'll point you to the right pack.
How the Framework Coverage tool works
Quick answer. The Framework Coverage tool maps a candidate policy estate to ISO 27001:2022, NIST CSF 2.0, SOC 2 TSC, Cyber Essentials and UK GDPR control sets, then highlights gaps. It is a static, free-to-use tool — no account, no email gate. Bespoke generation typically replaces a £5,000–£15,000 consultancy engagement with a one-off £400 pack — a 12× to 38× cost reduction with the same audit-readiness.
References and primary sources
Quick answer. The guidance above is cross-referenced against the primary-source documents below. Each link resolves to an official regulator or standards-body publication so the chain stays intact end-to-end.
- ISO/IEC 27001:2022 — the international information-security standard most policy frameworks map to.
- NIST Cybersecurity Framework 2.0 — the GOVERN-extended framework cross-walked to ISO and SOC 2.
- ICO accountability framework — UK regulator practical guidance for personal-data handling.
- NCSC Cyber Essentials — UK government cyber baseline for security policies.
- legislation.gov.uk — official UK statute referenced inside policy text.
In our experience, the documents that survive enterprise vendor review and ICO audits cite primary sources clause-by-clause. Many uk smes typically discover policy gaps only when the buyer’s legal team challenges a generic phrase — for example, a missing legislation.gov.uk reference or an outdated ACAS Code citation. Bespoke generation closes the gap pre-emptively.