d:["$","$L18",null,{"locale":"en","now":"$D2025-04-02T16:15:28.220Z","timeZone":"UTC","messages":{"global":{"learnMore":"Learn more","readMore":"Read more","recentPosts":"Recent posts","rights":"All rights reserved.","cookies":{"message":"This website uses cookies to ensure you get the best experience on our website.","policy":"Cookie policy","accept":"Allow Cookies","decline":"Decline"},"error":{"title":"Something's gone wrong","description":"An error occurred - we're working on it","error":{"code":"Error {code}"},"message":"Sorry, an unexpected error has occurred. Our team has been notified and is working to resolve the issue.","details":{"summary":"Technical Details"},"actions":{"retry":"Try again","back":"Go back"},"support":{"message":"If this problem persists, please contact our support team.","errorId":"Error Reference"}},"imageAlt":{"profile":"{name}'s profile photo"},"cta":{"long":{"title":"Grow your business, not your compliance burden","description":"Every business deals with compliance at some point: while preparing for an investment round, applying for an operating license, or closing a deal with a big customer.","description2":"This is not the moment to panic. This is the moment to call us.","button":"Book a demo"},"short":{"title":"Turn compliance into your competitive edge — start today!","answer":"If your company is new to compliance or a fan of self service then the Starter package is for you. The Growth package unlocks the content library and is perfect if you have multiple compliance frameworks. We'll help you prepare for your next audit, and get started with automation. Midsize and Enterprise plans drive speed and automation at scale.","button":"Book a demo"},"button":{"defaultText":"Get started","getInTouch":"Get in touch","hubspotUrl":"https://meetings.hubspot.com/dennis-vdw?embed=true","tabs":{"scheduleMeeting":{"name":"Schedule meeting","icon":"CalendarIcon","title":"Schedule a 30 minute meeting","description":"Our team is ready to demo and answer all your questions.","content":"formBookMeeting","url":"https://meetings.hubspot.com/dennis-vdw?embed=true"},"sendMessage":{"name":"Send message","icon":"EnvelopeIcon","title":"Send us a message","description":"Send an e-mail and we'll get back to you as soon as possible","content":"formSendMessage","url":"hubspot"}}},"form":{"footermsg":"Didn't find a suitable date in the calendar? Send a message instead!","button":"Close","firstname":"First name","lastname":"Last name","workemail":"Work email","yourmessage":"Your message","submitmsg":"By submitting this form you allow us to contact you, and you agree to our Privacy Policy","submit":"Submit","submitted":"Submitted!","completionTitle":"Meeting Scheduled!","competionMessage":"Thank you for booking. You'll receive a confirmation email shortly.","closeButton":"Close"}}},"navigation":{"features":{"title":"Features","content":{"risks":{"title":"Risk assessment","description":"Score pre-defined risks with AI"},"policies":{"title":"Policy center","description":"30+ templates included"},"controls":{"title":"Controls management","description":"Simple, powerful, and flexible"},"integrations":{"title":"Integrations","description":"Automate testing and compliance"},"issues":{"title":"Issues management","description":"All your to do's in one place"}}},"frameworks":{"title":"Frameworks","content":{"iso27001":{"title":"ISO27001","description":""},"soc2":{"title":"SOC2","description":""},"nis2":{"title":"NIS2","description":""},"dora":{"title":"DORA","description":""},"gdpr":{"title":"GDPR","description":""},"all":{"title":"All frameworks","description":""}}},"solutions":{"title":"Solutions","content":{"starter":{"title":"Starter","description":"Win bigger deals by preparing for - and passing - your first audit"},"growth":{"title":"Growth","description":"Grow fearlessly with more frameworks and advanced reporting"},"midsize":{"title":"Midsize","description":"For teams looking for collaboration and automation at scale"},"enterprise":{"title":"Enterprise","description":"Conquer enterprise-level complexity and breadth with a personalised setup"}}},"services":{"title":"Services","content":{"implementation":{"title":"Implementation","description":"Our compliance experts are here to help"},"maintenance":{"title":"Maintenance","description":"Ongoing support and updates"},"directory":{"title":"Partner directory","description":"Browse services offered by our partners"}}},"customers":{"title":"Customers","content":{"odido":{"title":"Odido","description":"Discover how a major telco went from convoluted Excels to compliance confidence in just 3 months."},"nedscaper":{"title":"Nedscaper","description":"Watch how this tech company rescued their ISO certifications and achieved dual ISO compliance in just 12 weeks."}}},"resources":{"title":"Resources","content":{"help":{"title":"Help center","description":"Find answers and support"},"blog":{"title":"Blog","description":"Helpful articles and product updates"},"glossary":{"title":"Glossary","description":"Key compliance terms explained"},"signIn":{"title":"Customer login","description":"Access your account"},"status":{"title":"System status","description":"Check Tidal platform availability"}}},"company":{"title":"Company","content":{"team":{"title":"About us","description":"Meet team Tidal"},"mission":{"title":"Mission","description":"Why we do what we do"},"security":{"title":"Security","description":"Your data, our priority"},"contact":{"title":"Contact us","description":"Get in touch with us"}}},"legal":{"title":"Legal","content":{"privacy":{"title":"Privacy","description":"Our privacy policy"},"terms":{"title":"Terms","description":"Terms of service"},"disclosure":{"title":"Disclosure","description":"Responsible disclosure policy"}}},"product":{"title":"Product"},"pricing":{"title":"Pricing"},"home":{"title":"Empowering the Brave.","description":"Tidal uses automation to take away the burden of compliance activities, with a GRC platform that is as easy to use as it is to operate."},"bookDemo":{"title":"Book a demo","shortTitle":"Demo"},"signIn":{"title":"Sign in"},"toggleNavigation":"Toggle Navigation"},"home":{"hero":{"title":{"part1":"Master","part2":"with minimal effort"},"description":{"part1":"Tidal Control helps start-ups and scale-ups to achieve compliance standards like ISO27001 efficiently and confidently, with the power of automation and guided support.","part2":"Accelerate your journey to compliance certification with Tidal Control – your partner in growth and security."},"image":{"alt":"Platform screenshot showing compliance management features"}},"logoCloud":{"title":"Trusted by Europe's bravest innovators"},"features":{"title":"Speed up every step of your compliance journey.","content":[{"name":"Automated control tests","description":"Validate your cloud security instantly and streamline audit preparation by eliminating the scramble for screenshots."},{"name":"Refreshingly simple","description":"Tidal puts clarity first. Experience a platform that's straightforward, efficient and designed around the way you work."},{"name":"Proudly made in Europe","description":"Built with European compliance in mind, and it shows. EU content, EU cultural fit, and strong network of regional partners and auditors."}]},"solutions":{"ariaLabel":"Solution features","content":{"Starter":{"title":"Starter","description":"For startups and small businesses taking their first steps in compliance. Our platform guides you through the process.","imageAlt":"Starter solution screenshot"},"Growth":{"title":"Growth","description":"Tidal grows with your business, providing a flexible framework that adapts to your evolving security needs.","imageAlt":"Screenshot of Tidal Control's growth solution"},"Midsize":{"title":"Midsize","description":"Designed for teams working on multiple compliance frameworks and across departments or locations.","imageAlt":"Screenshot of Tidal Control's midsize solution"},"Enterprise":{"title":"Enterprise","description":"Master complex compliance needs with advanced security features, dedicated support, and customisation options","imageAlt":"Screenshot of Tidal Control's enterprise solution"}}},"testimonials":{"avatarAlt":"Profile picture of {name}","previousButtonLabel":"Previous testimonial","nextButtonLabel":"Next testimonial","goToTestimonialLabel":"Go to testimonial {number}","content":[{"quote":"Their attitude gave us trust and confidence that we would deliver on time, which we did.","name":"Martijn Ronteltap","role":"Director GRC | Chief Security Officer","company":"Odido"},{"quote":"If you are looking for a reliable partner with deep expertise and commitment, I highly recommend Tidal Control.","name":"Hester Groenendijk","role":"Head of Compliance","company":"Brainstax"},{"quote":"The knowledge, guidance, and ease-of-use that Tidal's tool, templates, and collaboration brought us truly made this possible.","name":"Maurits Broers","role":"Head of Delivery","company":"Nedscaper"},{"quote":"Their support has been invaluable in our compliance journey.","name":"Joris Arts","role":"Head of Compliance","company":"Floryn"}]},"timeline":{"title":"Get certified in 3 clear phases","phases":[{"step":"Phase 1: Preparation","name":"Build your foundation","description":"Start with a comprehensive gap analysis to understand your current position. We'll help create a detailed roadmap, define your scope, and set up Tidal to match your needs."},{"step":"Phase 2: Implementation","name":"Put controls in place","description":"Implement required controls and policies using our templates and automation. Our experts guide you through each step while our platform helps track progress and collect evidence."},{"step":"Phase 3: Certification","name":"Achieve certification","description":"Complete internal audits, conduct management review, and prepare for your certification audit with expert support at every step. We'll help ensure you're fully prepared."}]},"faq":{"title":"Frequently asked questions"}},"contact":{"title":"Contact us","description":"Have questions or need support? We're here to help! Reach out to us through the contact button below, and we'll get back to you as soon as possible.","ariaLabel":"Tidal Control's contact us page","address":{"label":"Address"},"chamberOfCommerce":{"label":"Chamber of Commerce","abbreviation":"CoC"},"vat":{"label":"VAT Number","abbreviation":"VAT"},"ctaButton":"Get in touch","image":{"alt":"Tidal Control office team"}},"mission":{"title":"Our Mission","description":"Discover our purpose and vision for making compliance accessible for organizations of all sizes."},"privacy":{"title":"Privacy Policy","description":"Learn how we protect your data and respect your privacy while using our compliance platform."},"terms":{"title":"Terms of Service","description":"Review our terms and conditions governing the use of Tidal Control's compliance platform."},"disclosure":{"title":"Responsible Disclosure","description":"Our approach to security reporting and how we handle vulnerability disclosures responsibly."},"status":{"title":"System Status","description":"Check the current status of Tidal Control's platform and services."},"pricing":{"eyebrow":"Pricing","title":"The right solution for your needs","description":"Choose the plan that works best for your organization's size and needs.","aria":{"featuresLabel":"Tidal Control's features","pricingComparison":"Pricing plan comparison","getStarted":"Get started with the plan for "},"billing":{"annualLabel":"Pay annually and","discount":"save 15%","perMonth":"/month"},"price":"Price","getInTouch":"Get in touch","tiers":{"starter":{"name":"Starter","description":"Prepare for - and pass - your first compliance audit."},"growth":{"name":"Growth","description":"More frameworks, more automation, more support."},"midsize":{"name":"Midsize","description":"Start collaborating, complying, and automating at scale."},"enterprise":{"name":"Enterprise","description":"Automation and support in an enterprise landscape."}},"sections":{"features":{"name":"Features"},"security":{"name":"Security & compliance"},"support":{"name":"Support"}},"features":{"included":"Included","notIncluded":"Not included","in":"in","inclusionStatus":" ","frameworks":{"name":"Frameworks"},"policy-toolkit":{"name":"Policy toolkit"},"control-libraries":{"name":"Control/Risk libraries"},"bring-data":{"name":"Bring your own data (any)"},"tidal-integrations":{"name":"Tidal Integrations"},"custom-integrations":{"name":"Custom Integrations (we build)"},"api-integrations":{"name":"Develop integrations (API)"},"powerbi":{"name":"PowerBI reporting"},"gdpr":{"name":"GDPR-compliant DPA"},"assurance":{"name":"Assurance provided by Tidal"},"rbac":{"name":"Role-based access control"},"audit-logs":{"name":"Audit logs"},"sso":{"name":"Single Sign On"},"custom-terms":{"name":"Custom Terms"},"onboarding":{"name":"1:1 onboarding tour"},"online-support":{"name":"8/5 online support"},"workspaces":{"name":"Workspaces"},"phone-support":{"name":"Priority phone support"},"data-import-export":{"name":"Import & export data"},"account-manager":{"name":"Personal account manager"},"custom-sla":{"name":"Custom SLA"}}},"faq":{"title":"Frequently Asked Questions","description":"Find answers to common questions about our services and features.","eyebrow":"Questions & Answers","questions":[{"question":"What is Tidal Control?","answer":"Tidal Control is a comprehensive compliance management platform that helps organisations streamline their security and compliance processes."},{"question":"How does Tidal Control ensure data security?","answer":"We employ multiple layers of security including data encryption, multi-zone availability, and strict access controls to protect your data."},{"question":"Where is my data stored?","answer":"All your data is stored within the EU on Microsoft Azure's secure cloud infrastructure."},{"question":"Can I integrate Tidal Control with my existing systems?","answer":"Yes, Tidal Control offers various integration options through our API and native connectors to common business systems."},{"question":"What certifications does Tidal Control have?","answer":"Tidal Control is certified and follows industry best practices for security and data protection."},{"question":"How do I get started with Tidal Control?","answer":"Getting started is easy. Simply contact our sales team for a demo, and we'll guide you through the onboarding process."}]},"team":{"title":"Meet the team","description":"Tidal was founded by professional hackers and information security and compliance experts. Together we are on a mission to automate compliance for startups and enterprises alike","eyebrow":"About us","socialLinks":{"github":"GitHub Profile","linkedin":"LinkedIn Profile","email":"Email Address"},"members":{"dennis":{"title":"Founder","role":"Vision, Sales & Customer","description":"Dennis is a jack of all trades, working simultaneously in marketing, sales, customer support, partnerships, and sometimes even a bit of UX/UI.","background":"Dennis has a background in econometrics, IT auditing, and data science."},"max":{"title":"Founder","role":"Product & Architecture","description":"Besides heading product development and platform architecture, Max is an expert in security testing, penetration testing and red teaming.","background":"Max has a background in software dev., electrical engineering, and IT security."},"martijn":{"title":"Founder","role":"Operations & Finance","description":"Martijn takes care of Finance, Hiring, and customer success. In the latter, Martijn's expertise as a professional hacker and IT auditor shines through.","background":"Martijn is an expert in IT security, cryptography, and software development."},"maria":{"title":"Founder","role":"Advisor to the Board","description":"In her role as advisor, Maria draws on her experience as global head of Internal Control of Philips, Partner at KPMG, and roles at Shell and Maersk.","background":"Maria has a background in econometrics, finance, and internal control."},"evan":{"title":"","role":"Software Developer","description":"Following his PhD, an internship at Tidal awakened Evan's passion for programming, and he joined Tidal as the first employee.","background":"Evan has a background in Chemical process engineering and Physical process modelling."},"donghwi":{"title":"","role":"Software Developer","description":"Donghwi has been working as a fullstack engineer at Tidal since completing his Bachelor's degree in Computer Science and Engineering at TU Delft.","background":"Donghwi is currently pursuing a Master of Science in Software Engineering."},"hailang":{"title":"","role":"Sales Development Representative","description":"Born in the Netherlands and roots in China, Hailang has a passion for sales and business development and started his professional career at Tidal.","background":"Hailang has a background in Business administration."},"dimitar":{"title":"","role":"Software Developer","description":"Since starting as an intern at Tidal automating the evidence collection proces, Dimitar has worked on many fullstack projects across Tidal.","background":"Dimitar is currently finalising his Bachelor's degree in ICT & Software Engineering."}}},"security":{"title":"Security at Tidal Control","description":"Tidal was founded by Information security experts and ethical hackers with over 35 years of industry and Big 4 experience. We have designed, implemented, and audited SOC2 Type II compliant software systems.","eyebrow":"Security","report":{"text":"Reporting a vulnerability? Visit our Responsible Disclosure page","url":"/disclosure"},"certification":{"title":"Tidal Control is ISO27001 certified","alt":"Tidal Control is a ISO27001 certified company"},"contact":{"intro":"Want to learn more? We welcome any feedback, questions, and suggestions.","text":"Contact us at security@tidalcontrol.com"},"features":{"foundation":{"eyebrow":"A secure foundation","title":"Cloud security","description":"Infrastructure stands at the core of our technology operations, and as such, infrastructure security is the foundation of our overall security strategy."},"foundation_content":[{"name":"Microsoft Azure Cloud","description":"Tidal Control is hosted on Microsoft Azure, which is ISO27001 and SOC2 Type II certified. For more information and audit reports visit the Microsoft Azure Compliance offerings website.","icon":"CloudIcon"},{"name":"Infrastructure as Code","description":"Our infrastructure is managed with Terraform, allowing us to automate the entire configuration process and leverage community expertise and best practices.","icon":"ServerStackIcon"},{"name":"Periodic Threat Modelling","description":"We perform periodic threat modelling to identify and validate relevant threat actor scenarios, to determine business impact and associated risks, and to implement mitigating measures proactively.","icon":"ExclamationTriangleIcon"},{"name":"Third party management","description":"We keep a tight grip on data flows and access rights, and regularly review our vendor's adherence to our security policies and standards.","icon":"ClipboardDocumentCheckIcon"}],"app":{"eyebrow":"A secure web app","title":"Application security","description":"Secure software is an ongoing process involving people and practices, where security is built in and software is developed with security in mind. We follow the GitOps principles to achieve just that."},"app_content":[{"name":"Identity Management","description":"Users are authenticated with Keycloak, with SSO and MFA. We use Azure Key Vault to store Cryptographic keys, secrets and authentication credentials used by our cloud app and services.","icon":"IdentificationIcon"},{"name":"Access Control","description":"We apply the least privileges principle to our employees. Development and Production environments are segregated, and all user activity is logged and monitored.","icon":"LockClosedIcon"},{"name":"Continuous Vulnerability Monitoring","description":"We monitor our environment continuously for vulnerabilities and errors associated with our code and code libraries, with tools such as Dependabot and Sentry.","icon":"BellAlertIcon"},{"name":"Code Quality and Security","description":"Our development pipeline is protected with branch policies and mandatory code reviews. We use Dependabot to manage vulnerabilities associated with the (third party) code libraries we use in our product.","icon":"CodeBracketIcon"}],"data":{"eyebrow":"Secure data processing","title":"Data security","description":"Data Security and Privacy are two foundational elements of building trust with our and your users, customers, and employees."},"data_content":[{"name":"Data Encryption","description":"We encrypt data at rest and in transit with strong encryption, and market-leading cryptographic configuration. Azure Key Vault safeguards cryptographic keys, secrets and authentication credentials.","icon":"KeyIcon"},{"name":"Multi-Zone Availability","description":"Tidal Control runs in multiple availability zones, with data and backups also being replicated across multiple zones within the EU. Backups are encrypted using AES 256-bit encryption.","icon":"GlobeEuropeAfricaIcon"},{"name":"Personal Data","description":"Personal data is managed in line with our Privacy policy and GDPR. Data Protection Agreements (DPA) are in place with third parties. We have no subprocessors. Your data remains within the EU.","icon":"UsersIcon"},{"name":"Data Hosting","description":"We're a multi-tenant application hosted on Microsoft Azure. All customers receive their own platform tenant, where data is inaccessible to other tenants.","icon":"Squares2X2Icon"}]}},"features":{"index":{"title":"Features","description":"Explore our comprehensive suite of compliance management tools.","shortDescription":"Explore our comprehensive suite of compliance management tools."},"assets":{"eyebrow":"Features","title":"Business impact analysis made simple","description":"Transform asset management and business impact analysis into a streamlined process. Track critical metrics, set up targeted controls, and ensure your most important assets get the protection they need - all from one central dashboard.","features":{"smartImpact":{"name":"Smart impact analysis","description":"Perform business impact analysis directly in Tidal. Assess and track Availability, Integrity, and Confidentiality (AIC) scores for each asset to understand your critical priorities."},"recovery":{"name":"Recovery planning","description":"Track essential metrics for business continuity including Recovery Point Objective (RPO), Recovery Time Objective (RTO), and Minimum Acceptable Service Level (MASL) for your critical assets."},"registry":{"name":"Central asset registry","description":"Keep all asset information in one place, including descriptions, owners, and critical metrics. Create a single source of truth for your asset management programme."},"controls":{"name":"Risk-based controls","description":"Link assets to controls and adjust your approach based on risk levels. Create efficient control strategies that focus more attention on high-risk assets while maintaining appropriate oversight of lower-risk items."},"tasks":{"name":"Smart task management","description":"Create asset-specific tasks and schedule them efficiently. Group related tasks by asset owner to streamline workflows and improve completion rates."},"ownership":{"name":"Clear ownership","description":"Assign and track asset owners to ensure clear accountability. Owners can easily see all tasks and controls related to their assets in one view."}},"faqs":{"license":{"question":"Is the assets module included in every Tidal license?","answer":"Yes! The assets module, including business impact analysis and all management features, comes included with every Tidal license. Start managing your assets right away."},"metrics":{"question":"What metrics can I track for critical assets?","answer":"For each asset, you can track Availability, Integrity, and Confidentiality (AIC) scores, as well as Recovery Point Objective (RPO), Recovery Time Objective (RTO), and Minimum Acceptable Service Level (MASL). These metrics help you understand and protect your most critical assets."},"taskManagement":{"question":"How does asset-specific task management work?","answer":"You can create multiple tasks for controls related to the same asset and assign them to the asset owner. Tasks can be scheduled together, making it easier for owners to manage their responsibilities efficiently."},"riskControls":{"question":"Can I adjust controls based on asset risk levels?","answer":"Yes! You can create different control strategies for high-risk and low-risk assets. This risk-based approach helps you focus resources where they're needed most while maintaining appropriate oversight across all assets."},"impactAnalysis":{"question":"How do I perform a business impact analysis?","answer":"Tidal guides you through the business impact analysis process directly in the platform. You'll assess and score each asset's Availability, Integrity, and Confidentiality requirements, helping you understand which assets need the most protection."},"ownership":{"question":"Can I see all assets owned by a specific person?","answer":"Yes! You can easily view all assets assigned to any owner, along with their associated tasks and controls. This makes it simple to manage workloads and ensure nothing falls through the cracks."}}},"controls":{"eyebrow":"Features","title":"Control management that works your way","description":"Simplify control management with flexible, automation-ready tools that adapt to your needs. Start with our comprehensive control library or build your own - either way, you'll get powerful automation, clear ownership, and real-time insights.","features":{"library":{"name":"Comprehensive control library","description":"Jump-start your programme with our library of controls supporting over 20 security and privacy frameworks. Each control comes with pre-mapped tasks and framework references, ready to use."},"structure":{"name":"Flexible control structure","description":"Create the perfect fit for your organisation with our adaptable data model. Create your own controls and/or add custom attributes to group and organise controls your way."},"automation":{"name":"Smart automation","description":"Connect your existing tools to automate control testing. Built-in support for major cloud providers, development tools, and mobile device management platforms - with new integrations added regularly."},"accountability":{"name":"Clear accountability","description":"Assign owners and contributors to each control, then break controls into manageable tasks. Everyone knows exactly what they need to do and when it's due."},"insights":{"name":"Real-time insights","description":"Monitor control effectiveness and progress in real time. Generate instant reports to show stakeholders how your controls are performing and where attention is needed."},"audit":{"name":"Complete audit trail","description":"Track every change to controls and tasks automatically. Perfect for demonstrating due diligence and maintaining accountability across your programme."}},"faqs":{"license":{"question":"Is the controls module included in every Tidal license?","answer":"Yes! The controls module, including our comprehensive control library and automation features, comes included with every Tidal license. Start managing your controls right away."},"customisation":{"question":"How customisable are the controls?","answer":"Entirely! While we provide a comprehensive control library, you can customise everything about your controls. Create your own controls, add custom attributes, and structure controls to match your specific needs."},"integration":{"question":"What tools can I integrate with?","answer":"Tidal supports all major cloud providers and software development tools out of the box, as well as several mobile device management platforms. Our integration library grows regularly - reach out to learn about our latest additions."},"ownership":{"question":"How does control ownership work?","answer":"You can assign both owners and contributors to each control. Break controls down into specific tasks and assign these to relevant team members. Everyone gets clear visibility of their responsibilities."},"tracking":{"question":"Can I track changes to controls?","answer":"Yes! Every change to controls and tasks is automatically logged in our audit trail. You can see who made changes, when they were made, and what was changed - perfect for compliance and audit purposes."},"frameworks":{"question":"How many frameworks does the control library support?","answer":"Our control library supports over 20 security and privacy frameworks. Each control comes pre-mapped with common requirements and framework references, saving you significant setup time."}}},"issues":{"eyebrow":"Features","title":"Track and resolve issues - all in one place","description":"Simplify issue management with a centralised system that handles everything from audit findings to improvement opportunities. Keep your team aligned and ensure nothing gets missed with clear ownership, priorities, and automated tracking.","features":{"types":{"name":"Flexible issue types","description":"Track different types of issues including incidents, control gaps, improvement opportunities, and audit findings. Each type comes with relevant fields to capture all necessary information."},"ownership":{"name":"Clear ownership","description":"Assign issues to team members, set priorities, and track deadlines. Everyone knows what needs attention and when it's due."},"linking":{"name":"Smart linking","description":"Connect issues directly to relevant controls and assets. Build a clear picture of your system's health and track how issues impact different areas of your business."},"priority":{"name":"Priority management","description":"Categorise issues as low, medium, or high priority to help your team focus on what matters most. Simple but effective prioritisation keeps everyone aligned."},"source":{"name":"Single source of truth","description":"Keep all your issues in one place, whether they're from internal reviews, audits, or daily operations. No more scattered spreadsheets or missing updates."},"tracking":{"name":"Simple tracking","description":"Monitor progress and resolution of all issues in one dashboard. Perfect for management updates and demonstrating continuous improvement."}},"faqs":{"license":{"question":"Is the issues module included with every Tidal license?","answer":"Yes! The issues module comes included with every Tidal license. Start tracking and managing your issues right away, no matter which license type you choose."},"types":{"question":"What types of issues can I track in this module?","answer":"The module supports various issue types including incidents, control gaps, opportunities for improvement, and audit findings. Each type comes with appropriate fields to capture relevant information."},"linking":{"question":"Can I link issues to other items in Tidal?","answer":"Yes! Issues can be linked to controls and assets, helping you build a complete picture of your system's health. This makes it easier to understand the impact of issues and track improvements over time."},"priority":{"question":"How do I set issue priorities?","answer":"Issues can be categorised as low, medium, or high priority. This simple system helps teams focus their efforts where they're needed most, while keeping everyone aligned on what needs attention first."},"collaboration":{"question":"Can multiple team members work on issues?","answer":"Absolutely! You can assign issues to specific team members and set deadlines. Everyone can see what they're responsible for and when it needs to be completed."},"audit":{"question":"How can I demonstrate issue management to auditors?","answer":"The issues module serves as your single source of truth for all types of issues. You can easily show auditors how you track, manage, and resolve different issues, demonstrating your commitment to continuous improvement."}}},"policies":{"eyebrow":"Features","title":"Policies without the hassle","description":"Turn policy management from a complex, time-consuming task into an automated process that grows with your business. Start with our pre-written policies designed for modern companies, or import your existing documents - either way, you'll benefit from smart automation that keeps everything on track.","features":{"library":{"name":"Ready-to-use policy library","description":"Start with our collection of 30+ pre-written policies designed specifically for startups and scale-ups. Each policy comes with clear instructions to help you adapt it to your company's needs."},"editor":{"name":"Built-in policy editor","description":"Create and edit policies directly in Tidal using our intuitive editor. No need to juggle multiple tools or worry about version control - everything stays organised in one place."},"automation":{"name":"Smart automation","description":"Policy tasks update automatically when you take action. Approve a policy, and related tasks close instantly. Get reminded when it's time for review, so nothing falls through the cracks."},"integration":{"name":"Flexible integration","description":"Keep your existing workflow by linking to policies in SharePoint, Notion, or other platforms. Upload files in any format, or create new ones in Tidal - you'll get the same great automation features either way."},"languages":{"name":"Multi-language support","description":"Access all policies in both English and Dutch, with perfect formatting maintained across languages. Ideal for international teams or companies expanding into new markets."},"review":{"name":"Review automation","description":"Never miss a policy review again. Tidal automatically tracks review dates and notifies the right people at the right time. One click to confirm reviews, with all activities logged for audit purposes."}},"faqs":{"license":{"question":"Is the policy module included in every Tidal license?","answer":"Yes! The policy module, including our library of 30+ pre-written policies, comes included with every Tidal license. You can start using it right away to create, manage, and automate your policy processes."},"existing":{"question":"Can I keep using our existing policies from SharePoint/Notion?","answer":"Absolutely! Tidal works seamlessly with your existing policy documents, wherever they're stored. Link to external policies or upload them directly - you'll still get all the benefits of our automation features like review reminders and task management."},"review":{"question":"How often should policies be reviewed?","answer":"Best practice suggests reviewing policies annually, but this can vary based on your needs and compliance requirements. Tidal lets you set custom review periods for each policy and automatically reminds the right people when it's time for review."},"customisation":{"question":"Can I customise the pre-written policies?","answer":"Yes! Each policy in our library comes with clear instructions to help you adapt it to your company's specific needs. Use our built-in editor to make changes, and Tidal will keep track of all versions and approvals automatically."},"automation":{"question":"What happens when a policy needs to be reviewed?","answer":"Tidal automatically creates a task before the review date and notifies assigned reviewers. Once reviewed, the task closes automatically and the next review date is scheduled. All activities are logged for audit purposes."},"languages":{"question":"Which languages do you support?","answer":"Our policies are currently available in English and Dutch, maintaining perfect formatting across languages."}}},"risks":{"eyebrow":"Features","title":"Risk assessments that work","description":"Turn risk assessment from a time-consuming task into a guided process that helps your business grow. Our AI-powered platform learns from your company's context to help assess and manage risks - even if you're new to the process.","features":{"library":{"name":"Ready-to-use risk library","description":"Start with our pre-configured risk library that includes common scenarios and matching controls. Save hours of setup time and benefit from industry best practices."},"ai":{"name":"AI-powered guidance","description":"Our AI assistant learns from the data you already uploaded and will suggest likelihood and impact levels for your risks, as well as the reasoning behind it. Perfect for teams new to risk assessment."},"process":{"name":"Guided assessment process","description":"Assessing risks is as easy as answering 3 questions, with several answers already pre-populated. Schedule automated reminders to keep your risk insights current."},"reports":{"name":"Clear management reports","description":"Get instant visibility into your risk landscape with ready-made reports. Show progress to stakeholders and make risk-based decisions about where to focus your efforts."},"controls":{"name":"Smart control mapping","description":"Each risk in our library comes pre-mapped to relevant controls. Save time and ensure consistent coverage as you grow."},"import":{"name":"Import existing data","description":"Already have a risk register? Import it directly into Tidal and enhance it with our AI-powered insights and automatic control mapping."}},"faqs":{"license":{"question":"Is the risk assessment module included in every Tidal license?","answer":"Yes! The risk assessment module is a core part of Tidal and comes included with every license. Start assessing risks right away and upgrade other features as your needs grow."},"timeToComplete":{"question":"How long does it take to complete my first risk assessment?","answer":"Most teams complete their first risk assessment in under 2 hours using our AI-powered guidance and pre-configured risk library. As you use the platform, the AI learns from your context to make future assessments even faster."},"aiGuidance":{"question":"How does the AI help with risk assessment?","answer":"Our AI learns from your company's context as you use Tidal. It provides tailored suggestions for risk likelihood, impact, and control effectiveness based on your specific situation. The more you use Tidal, the more accurate these suggestions become."},"frameworks":{"question":"Can I use this for different compliance frameworks?","answer":"Absolutely! Our risk assessment module works with any framework. The AI-powered system helps you identify and manage risks specific to your needs, whether you're working with one framework or several."},"assetRisks":{"question":"Can I assess risks for specific assets?","answer":"Absolutely! You can assign and assess risks for specific assets, helping you understand how risks affect different parts of your business. This granular approach helps prioritise your risk management efforts."},"library":{"question":"What's included in the risk library?","answer":"Our risk library includes common risk scenarios with pre-linked controls for mitigation. Each risk comes with suggested treatments and controls, but you can easily customise these to match your specific needs."}}},"integrations":{"title":"Automation makes life more fun!","description":"Our integrations collect and evaluate evidence for you, saving you the time of preparing system reports and screenshots every time you need to run a control test.","eyebrow":"Integrations","filterByCategory":"Filter by Category","filterAriaLabel":"Filter categories","all":"All {contentType}","contentType":"integrations","content":[{"title":"Microsoft Azure","categories":["Cloud services","Built-in"],"description":"Cloud computing platform and infrastructure for building, deploying, and managing applications and services.","imageKey":"microsoftAzure","href":"https://azure.microsoft.com/en-us/"},{"title":"Microsoft Entra ID","categories":["Identity Providers","Built-in"],"description":"Cloud-based identity and access management service.","imageKey":"microsoftEntraID","href":"https://azure.microsoft.com/en-us/services/active-directory/"},{"title":"Microsoft Power BI","categories":["Collaboration","Built-in"],"description":"Business analytics service for interactive visualizations and business intelligence.","imageKey":"microsoftPowerBI","href":"https://powerbi.microsoft.com/en-us/"},{"title":"Microsoft Intune","categories":["Device Management","Built-in"],"description":"Cloud-based service for mobile device and application management.","imageKey":"microsoftIntune","href":"https://www.microsoft.com/en-us/security/business/microsoft-endpoint-manager"},{"title":"Amazon Web Services (AWS)","categories":["Cloud services","Built-in"],"description":"Comprehensive cloud computing platform offering various services.","imageKey":"amazonAWS","href":"https://aws.amazon.com/"},{"title":"Google Cloud Platform","categories":["Cloud services","Built-in"],"description":"Suite of cloud computing services for computing, data storage, and application development.","imageKey":"googleCloud","href":"https://cloud.google.com/"},{"title":"Google Workspace","categories":["Collaboration","Built-in"],"description":"Collection of cloud computing, productivity and collaboration tools.","imageKey":"googleWorkspace","href":"https://workspace.google.com/"},{"title":"Github","categories":["Software Development","Built-in"],"description":"Platform for version control and collaboration for software development.","imageKey":"github","href":"https://github.com/"},{"title":"Gitlab","categories":["Software Development","Built-in"],"description":"Complete DevOps platform for software development and deployment.","imageKey":"gitlab","href":"https://about.gitlab.com/"},{"title":"Jira Cloud","categories":["Project Management","Built-in"],"description":"Project management tool for agile teams.","imageKey":"atlassianJira","href":"https://www.atlassian.com/software/jira"},{"title":"Kandji","categories":["Device Management","Built-in"],"description":"Modern Apple device management solution.","imageKey":"kandji","href":"https://www.kandji.io/"},{"title":"Odoo","categories":["ERP systems","On our radar"],"description":"Open source business management software suite.","imageKey":"odoo","href":"https://www.odoo.com/"},{"title":"Auth0","categories":["Identity Providers","On our radar"],"description":"Authentication and authorization platform.","imageKey":"auth0","href":"https://auth0.com/"},{"title":"BambooHR","categories":["Human Resources","On our radar"],"description":"HR software for growing organizations.","imageKey":"bamboohr","href":"https://www.bamboohr.com/"},{"title":"Bitbucket","categories":["Software Development","On our radar"],"description":"Git-based code hosting and collaboration tool.","imageKey":"bitbucket","href":"https://bitbucket.org/"},{"title":"ClickUp","categories":["Project Management","On our radar"],"description":"All-in-one productivity platform.","imageKey":"clickUp","href":"https://clickup.com/"},{"title":"Aikido","categories":["Information Security","On our radar"],"description":"Security orchestration and automation platform.","imageKey":"aikido","href":"https://aikido.dev/"},{"title":"Guardey","categories":["Information Security","On our radar"],"description":"Cloud security and compliance automation platform.","imageKey":"guardey","href":"https://guardey.com/"},{"title":"StackAware","categories":["Information Security","On our radar"],"description":"Security awareness training platform.","imageKey":"stackaware","href":"https://www.stackaware.com/"},{"title":"Google Looker","categories":["Collaboration","On our radar"],"description":"Business intelligence and big data analytics platform.","imageKey":"googleLooker","href":"https://cloud.google.com/looker/"},{"title":"Keycloak","categories":["Identity Providers","On our radar"],"description":"Open source identity and access management solution.","imageKey":"keycloak","href":"https://www.keycloak.org/"},{"title":"Microsoft Azure DevOps","categories":["Software Development","On our radar"],"description":"Development collaboration tools and services.","imageKey":"microsoftAzureDevops","href":"https://azure.microsoft.com/en-us/services/devops/"},{"title":"Microsoft Office 365","categories":["Collaboration","On our radar"],"description":"Productivity and collaboration suite.","imageKey":"microsoftOffice365","href":"https://www.office.com/"},{"title":"Microsoft SharePoint","categories":["Collaboration","On our radar"],"description":"Document management and collaboration platform.","imageKey":"microsoftSharePoint","href":"https://www.microsoft.com/en-us/microsoft-365/sharepoint/collaboration"},{"title":"Microsoft Teams","categories":["Collaboration","On our radar"],"description":"Business communication and collaboration platform.","imageKey":"microsoftTeams","href":"https://www.microsoft.com/en-us/microsoft-teams/group-chat-software"},{"title":"Notion","categories":["Collaboration","On our radar"],"description":"All-in-one workspace for notes, docs, and collaboration.","imageKey":"notion","href":"https://www.notion.so/"},{"title":"ServiceNow","categories":["Ticketing","On our radar"],"description":"Enterprise service management platform.","imageKey":"servicenow","href":"https://www.servicenow.com/"},{"title":"Slack","categories":["Collaboration","On our radar"],"description":"Business communication and collaboration platform.","imageKey":"slack","href":"https://slack.com/"}]}},"frameworks":{"index":{"title":"Frameworks","description":"Explore our support for various compliance frameworks.","shortDescription":"Explore our support for various compliance frameworks."},"all":{"eyebrow":"Security frameworks","title":"Your guide to security and compliance standards.","description":"Navigate the complex landscape of security standards, certifications, and regulatory compliance frameworks that shape modern information security.","filterByCategory":"Filter by Category","filterAriaLabel":"Filter categories","all":"All {contentType}","contentType":"frameworks","content":[{"title":"ISO 27001","categories":["Security","Global"],"description":"International standard for information security management systems (ISMS), providing requirements for establishing, implementing, maintaining and continually improving an information security management system.","href":"/frameworks/iso27001"},{"title":"CIS Controls","categories":["Security","Global"],"description":"Prescriptive, prioritized set of cybersecurity best practices and defensive actions designed to protect organizations against common cyber attacks.","href":""},{"title":"BIO","categories":["Government","Security","Netherlands"],"description":"Baseline Information Security for the Dutch government, providing a standardized set of security measures for all government organizations.","href":""},{"title":"ABDO","categories":["Defense","Security","Netherlands"],"description":"General Security Requirements for Defense Orders, defining security requirements for organizations working with the Dutch Ministry of Defense.","href":""},{"title":"NIS2 CyberFundamentals","categories":["Security","Belgium"],"description":"Belgian implementation of the NIS2 directive, providing fundamental cybersecurity requirements for essential service providers.","href":"/frameworks/nis2"},{"title":"DNB ICT Guidelines","categories":["Finance","Security","Netherlands"],"description":"Information security guidelines from the Dutch Central Bank for financial institutions under its supervision.","href":""},{"title":"DORA","categories":["Finance","Security","European Union"],"description":"Digital Operational Resilience Act, establishing uniform requirements for the security of network and information systems of financial entities.","href":"/frameworks/dora"},{"title":"EBA ICT Guidelines","categories":["Finance","Security","European Union"],"description":"Guidelines on ICT and security risk management from the European Banking Authority for financial institutions.","href":""},{"title":"GDPR","categories":["Privacy","Data Protection","European Union"],"description":"General Data Protection Regulation, establishing rules for the protection of personal data and privacy rights of EU residents.","href":"/frameworks/gdpr"},{"title":"ISO 9001","categories":["Quality Management","Process Management","Global"],"description":"International standard for quality management systems (QMS), specifying requirements for consistent delivery of products and services.","href":""},{"title":"NIST CSF","categories":["Security","United States"],"description":"NIST Cybersecurity Framework, providing voluntary guidance for organizations to better manage and reduce cybersecurity risk.","href":""},{"title":"NIST SP800-53","categories":["Security","United States"],"description":"Security and privacy controls standard providing detailed security control requirements for federal information systems.","href":""},{"title":"RVIT","categories":["Telecom","Security","Netherlands"],"description":"Security requirements for telecommunications providers under the Dutch Telecommunications Act.","href":""},{"title":"SOC2","categories":["Security","Global"],"description":"Service Organization Control 2, defining criteria for managing customer data based on five trust service principles.","href":"/frameworks/soc2"},{"title":"NEN7510","categories":["Healthcare","Security","Netherlands"],"description":"Dutch standard for information security in healthcare, providing specific requirements for managing medical information.","href":""}]},"dora":{"eyebrow":"DORA","title":"Ready for DORA","description":"Prepare for the EU's Digital Operational Resilience Act with Tidal's comprehensive support.\nOur platform helps financial entities implement and demonstrate robust ICT risk management, whether you're a bank, insurer, or fintech.","features":[{"eyebrow":"Smart Framework Support","title":"Built on proven standards","description":"Start with the comprehensive NOREA DORA in Control framework, specifically designed for DORA compliance.\nLeverage your existing ISO27001 or other framework controls through our smart mapping feature, helping you focus only on new DORA-specific requirements."},{"eyebrow":"ICT Risk Management","title":"Build digital resilience","description":"Start with our pre-built DORA controls and risk management framework aligned with regulatory requirements.\nOur platform helps you identify, protect against, detect, respond to, and recover from ICT-related incidents, covering all key aspects of digital operational resilience."},{"eyebrow":"Incident Reporting","title":"Stay compliant and resilient","description":"Meet DORA's incident reporting requirements with automated monitoring and structured response processes.\nOur platform helps you classify incidents, maintain audit trails, and report to authorities within required timeframes, while building long-term resilience."}],"faqs":[{"question":"How does Tidal help with DORA compliance?","answer":"Our platform provides comprehensive support for DORA's five pillars: ICT risk management, incident reporting, digital operational resilience testing, third-party risk management, and information sharing. We offer pre-built controls, risk assessment frameworks, and automated monitoring tools specifically aligned with DORA requirements."},{"question":"Does Tidal support threat-led penetration testing (TLPT)?","answer":"Yes, we can help you manage and document your TLPT programme as required by DORA. This includes planning tests with the help of our trusted ad certified penetration testing partners, tracking findings, managing remediation, and maintaining evidence of your testing activities."},{"question":"How does Tidal help with ICT third-party risk management?","answer":"Our platform includes tools for assessing, monitoring, and documenting your critical ICT third-party relationships. This includes contract management, service level monitoring, and maintaining evidence of ongoing oversight as required by DORA."},{"question":"Can Tidal help meet incident classification and reporting requirements?","answer":"Yes, we provide structured workflows for classifying ICT-related incidents according to DORA's criteria and support the documentation and reporting processes. Our platform helps ensure you meet regulatory reporting timeframes while maintaining detailed incident records."},{"question":"How does Tidal help support ICT risk management requirements?","answer":"Our platform provides a comprehensive framework for identifying, assessing, and managing ICT risks in line with DORA requirements. This includes tools for risk assessment, control implementation, and ongoing monitoring of your digital operational resilience."},{"question":"Does Tidal help prepare for supervisory oversight?","answer":"Yes, our platform helps you maintain the documentation and evidence needed for supervisory oversight. We help you demonstrate your compliance with DORA requirements through clear reporting, audit trails, and organised evidence collection."}]},"gdpr":{"eyebrow":"GDPR","title":"Demonstrate privacy compliance","description":"Build trust through verified privacy practices with Tidal's comprehensive GDPR support.\nOur platform helps you implement privacy controls and achieve BC5701 certification, the European Data Protection Seal that demonstrates your commitment to data protection.","features":[{"eyebrow":"Privacy Framework","title":"Pre-built privacy controls","description":"Start with our pre-built privacy controls aligned with both GDPR requirements and BC5701 certification criteria.\nOur platform guides you through implementing appropriate measures whether you're focusing on GDPR compliance or pursuing certification as a European Data Protection Seal."},{"eyebrow":"Track privacy policies","title":"Privacy by design","description":"Implement and demonstrate privacy-by-design principles with our structured approach to data protection.\nTrack processing activities, manage privacy notices, and maintain evidence of privacy measures, all while building towards BC5701 certification readiness."},{"eyebrow":"Continuous Compliance","title":"Stay privacy-focused","description":"Monitor your privacy programme with automated checks and scheduled reviews.\nMaintain GDPR compliance and BC5701 certification requirements through continuous assessment of your privacy controls and data protection measures."}],"faqs":[{"question":"What is BC5701 certification and how does Tidal help achieve it?","answer":"BC5701 is a European Data Protection Seal that demonstrates verified compliance with GDPR requirements. Our platform includes specific controls and guidance aligned with BC5701 certification criteria, helping you prepare for and maintain certification while ensuring GDPR compliance."},{"question":"How does Tidal support data protection impact assessments (DPIAs)?","answer":"Our platform provides a structured template and tasks for conducting DPIAs. We guide you through risk assessment, documentation, and ongoing monitoring of high-risk processing activities, helping you meet both GDPR requirements and BC5701 certification criteria."},{"question":"Can Tidal help manage data subject rights requests?","answer":"Yes, our platform includes tools for tracking and managing data subject requests, maintaining response timeframes, and documenting your processes. This helps demonstrate compliance with GDPR requirements while building evidence for BC5701 certification."},{"question":"How does Tidal help with privacy notice management?","answer":"We can help you create and manage privacy notices, helping ensure they remain current and accurate. Our platform tracks changes and maintains versions, supporting both GDPR compliance and BC5701 certification requirements."},{"question":"How does Tidal help maintain privacy compliance over time?","answer":"Our platform provides automated monitoring, scheduled reviews, and continuous assessment of your privacy controls. This helps maintain both GDPR compliance and BC5701 certification through regular updates and proactive management of your privacy programme."}]},"iso27001":{"eyebrow":"ISO27001","title":"Get ISO27001 certified faster","description":"Transform your journey to ISO27001 certification from complex to confident with Tidal's proven approach.\nOur platform guides you through every step with smart automation and expert guidance, helping you build a robust information security programme that grows with your business.","features":[{"eyebrow":"Smart Setup","title":"Hit the ground running","description":"Start with our pre-built ISO27001 controls, policies, and risk assessment templates.\nOur platform guides you through establishing your ISMS scope, identifying assets, and implementing right-sized controls that match your business needs."},{"eyebrow":"Automation","title":"Evidence collection made easy","description":"Automatically collect and map evidence from your cloud providers and development tools to ISO27001 controls.\nSave time with automated monitoring that keeps your ISMS current and audit-ready, with clear visibility into control effectiveness."},{"eyebrow":"Continuous Improvement","title":"Built for the long term","description":"Move beyond certification to build a robust information security programme that grows with your business.\nOur platform helps you maintain compliance through automated testing, scheduled reviews, and clear metrics to demonstrate the effectiveness of your ISMS."}],"faqs":[{"question":"How long does it typically take to get ISO27001 certified with Tidal?","answer":"Most organisations achieve certification within 3-5 months using our platform. This includes establishing your ISMS, implementing controls, and conducting internal audits. Our pre-built content and automation tools significantly reduce the time typically needed for certification."},{"question":"Do you provide guidance on establishing ISMS scope?","answer":"Yes, our platform guides you through the scoping process with templates and best practices. We help you identify relevant assets, processes, and locations to include in your ISMS scope, ensuring it's appropriate for your business while remaining manageable."},{"question":"How does Tidal help with risk assessment?","answer":"Our platform includes a comprehensive risk assessment module with pre-identified risks and controls. The AI-powered system learns from your context to suggest relevant risks and controls, while automation helps you track risk treatment and reassessment over time."},{"question":"Can Tidal help with mandatory documentation?","answer":"Yes, we provide all required ISO27001 documentation templates, including policies, procedures, and records. These templates are customisable to your needs while ensuring you meet all ISO27001 documentation requirements."},{"question":"What support do you provide during certification audits?","answer":"We help you prepare for both Stage 1 and Stage 2 audits with pre-audit assessments and gap analysis. Our platform organises your evidence and documentation in an auditor-friendly format, making the certification process smoother."},{"question":"How does Tidal support ongoing ISMS maintenance?","answer":"Our platform automates many maintenance tasks including evidence collection, control testing, and review scheduling. You'll receive automated alerts for upcoming reviews, potential gaps, and required actions, helping you maintain certification with less effort."}]},"nis2":{"eyebrow":"NIS2","title":"Prepare for NIS2 compliance","description":"Get ready for the EU's strengthened cybersecurity requirements with Tidal's comprehensive NIS2 support.\nWhether you're pursuing NIS2 CyberFundamentals or NIS2 Quality Mark certification, our platform helps you implement and maintain appropriate security measures with confidence.","features":[{"eyebrow":"Flexible Framework Support","title":"Choose your path to compliance","description":"Support using either the NIS2 CyberFundamentals framework or the NIS2 Quality Mark as basis for your NIS2 compliance.\nOur platform guides you through implementing appropriate controls and measures, whether you're an essential or important entity."},{"eyebrow":"Risk-Based Approach","title":"Smart risk management","description":"Implement security measures proportionate to your risk level and sector requirements.\nOur platform helps you assess risks, identify appropriate controls, and maintain evidence of your security measures, aligned with NIS2 expectations."},{"eyebrow":"Continuous Monitoring","title":"Stay ahead of requirements","description":"Monitor your compliance status and security measures in real-time.\nAutomatically collect evidence of your cybersecurity measures, track incident response readiness, and maintain required documentation for supervisory authorities."}],"faqs":[{"question":"What NIS2 frameworks does Tidal support?","answer":"Tidal supports the NIS2 CyberFundamentals framework and the NIS2 Quality Mark. Both offer 3 implementation levels, in line with the NIS2 qualifications. Our platform helps you implement and maintain compliance with either framework, providing specific guidance and controls for each."},{"question":"How does Tidal help determine if NIS2 applies to my organisation?","answer":"We can help you determine whether your organisation (and/or your customers) qualifies as an essential or important entity under NIS2. We guide you through the sector-specific requirements and size thresholds to understand your obligations."},{"question":"Can Tidal help with incident reporting requirements?","answer":"Yes, our platform helps you prepare for NIS2's incident reporting requirements by establishing clear procedures, maintaining necessary documentation, and supporting your incident response processes with the help of the Tidal Issues Management module."},{"question":"How does Tidal support supply chain security requirements?","answer":"Our platform helps you assess and manage supply chain risks in line with NIS2 requirements. This includes tools for vendor assessment, security measure verification, and maintaining evidence of due diligence in your supply chain relationships."},{"question":"Does Tidal help with both technical and organisational measures?","answer":"Yes, our platform supports implementation of both technical and organisational measures required by NIS2. This includes policies, procedures, and controls covering areas like risk management, incident handling, business continuity, and supply chain security."},{"question":"How does Tidal keep up with evolving NIS2 requirements?","answer":"We actively monitor regulatory developments and update our platform to reflect new guidance and requirements. Our controls and frameworks are regularly updated to ensure continued alignment with leading NIS2 implementation standards."}]},"soc2":{"eyebrow":"SOC 2","title":"Setting up for success","description":"Build trust with your customers by demonstrating your commitment to security and privacy.\nSOC 2 helps you prove that you handle customer data responsibly - increasingly essential for businesses operating in or expanding to the US market.","features":[{"eyebrow":"SOC2","title":"Accelerate your path","description":"Transform your SOC2 journey from complex to confident with pre-built controls and smart automation.\nWhether you're pursuing SOC2 Type I or Type II, our platform guides you through every step, helping you achieve compliance faster without compromising quality."},{"eyebrow":"Smart Automation","title":"Evidence on autopilot","description":"Stop chasing evidence manually. Our platform automatically collects and maps evidence from your cloud providers and development tools.\nSave hundreds of hours with automated evidence collection that keeps your SOC2 programme current and audit-ready all year round."},{"eyebrow":"Trust Service Criteria","title":"Built for growing businesses","description":"Start with the Trust Service Criteria that matter most to your business today and expand as you grow.\nOur platform helps you implement right-sized controls that protect your business without slowing you down, using pre-built policies and controls designed for modern companies."}],"faqs":[{"question":"How long does it typically take to get SOC 2 certified with Tidal?","answer":"With Tidal's pre-built controls and automation, most companies achieve Type I certification in 2-3 months. Type II certification typically takes 6-8 months as it requires demonstrating sustained compliance. Our platform helps you maintain evidence collection and controls testing throughout the observation period."},{"question":"Which Trust Service Criteria should my company focus on?","answer":"Security is mandatory for all SOC 2 reports. Beyond that, choose criteria based on your business needs and customer requirements. Common additions are Availability (for SaaS products) and Confidentiality (for handling sensitive data). Tidal helps you assess which criteria are relevant and implements appropriate controls."},{"question":"Do you provide guidance on choosing a SOC 2 auditor?","answer":"Yes, we can recommend auditors experienced with our platform. However, you're free to work with any licensed CPA firm. Tidal's evidence collection and reporting features work seamlessly with any auditor you choose."},{"question":"Can Tidal help with both Type I and Type II audits?","answer":"Yes, Tidal supports both SOC 2 Type I and Type II audits. Our platform helps you establish controls for Type I and then seamlessly transition to maintaining evidence for Type II's observation period. Our automated evidence collection is particularly valuable for Type II compliance."},{"question":"What integrations do you support for automated evidence collection?","answer":"Tidal integrates with major cloud providers (AWS, Azure, GCP), development tools (GitHub, GitLab, Jira), and identity providers (Okta, Google Workspace). We're continuously adding new integrations based on customer needs."},{"question":"How does Tidal help maintain compliance between audits?","answer":"Our platform continuously monitors your controls and collects evidence automatically. You'll receive alerts for any gaps or issues, helping you maintain compliance year-round. This ongoing monitoring makes annual renewals much simpler."}]}},"solutions":{"starter":{"title":"Start your compliance journey and win bigger deals","eyebrow":"Starter","description":"Get certified with a single framework while maintaining complete flexibility. Our Starter license includes everything you need to achieve and maintain your first certification.","fullWidth":true,"features":{"title":"Everything you need to get compliant","content":[{"name":"Complete policy toolkit","description":"Get started quickly with ready-to-use policies and procedures. Customise them to your needs while maintaining compliance requirements.","icon":"CheckIcon"},{"name":"Built-in control library","description":"Access our pre-built control and risk libraries. Import your existing controls or create new ones - our flexible data model adapts to your needs.","icon":"CheckIcon"},{"name":"Smart automation","description":"Connect your existing tools through our integrations or API. Automatically collect evidence and maintain a clear audit trail.","icon":"CheckIcon"},{"name":"Evidence collection","description":"Collect and manage all your evidence in one place. Import any type of data and link it directly to your controls.","icon":"CheckIcon"},{"name":"Dedicated workspace","description":"Get your own secure workspace with role-based access control, audit logs, and GDPR-compliant data processing.","icon":"CheckIcon"},{"name":"Expert support","description":"Benefit from our 8/5 online support and personal onboarding tour to get you started quickly and effectively.","icon":"CheckIcon"}]},"faqs":[{"question":"What framework can I implement with the Starter license?","answer":"You can implement any single framework of your choice, such as security standards, privacy regulations, or industry compliance requirements. While you're limited to one framework, you get access to our complete feature set for that framework, including our policy toolkit and control library."},{"question":"Can I integrate with my existing tools?","answer":"Yes! The Starter license includes our standard integrations with major cloud providers and development tools. You can also use our API to build custom integrations for your specific needs."},{"question":"What kind of support is included?","answer":"You get access to our 8/5 online support and a personal onboarding tour to help you get started. Our team will help you set up your workspace and guide you through the initial implementation."},{"question":"Can I upgrade to a different plan later?","answer":"Absolutely! You can upgrade to our Growth or higher tiers at any time when you need additional frameworks or advanced features. Your existing setup will transfer seamlessly to your new plan."}]},"growth":{"title":"Scale your compliance programme","eyebrow":"Growth","description":"Ready to expand your compliance programme? Our Growth license supports multiple frameworks with enhanced automation and priority support. Perfect for growing businesses managing multiple compliance requirements.","fullWidth":true,"features":{"title":"Advanced features for growing teams","content":[{"name":"Multiple frameworks","description":"Manage up to three compliance frameworks simultaneously. Map controls across frameworks to reduce duplicate work and maintain efficiency.","icon":"CheckIcon"},{"name":"Enhanced automation","description":"Get a custom integration built specifically for your needs, plus access to PowerBI reporting for deeper insights into your compliance programme.","icon":"CheckIcon"},{"name":"Single Sign-On","description":"Streamline access management with SSO integration. Maintain security while making it easier for your team to access the platform.","icon":"CheckIcon"},{"name":"Priority support","description":"Get priority phone support and data import/export assistance. Our team is ready to help you maintain and scale your compliance programme.","icon":"CheckIcon"},{"name":"Advanced data management","description":"Import and export your compliance data easily. Perfect for reporting, backup, and maintaining records across multiple systems.","icon":"CheckIcon"},{"name":"Enterprise-grade security","description":"Benefit from ISO27001-certified infrastructure, role-based access control, comprehensive audit logs, and GDPR-compliant data processing.","icon":"CheckIcon"}]},"faqs":[{"question":"How do multiple frameworks work in practice?","answer":"You can implement up to three frameworks simultaneously. Our platform helps you identify overlapping controls and requirements, reducing duplicate work while maintaining compliance with each framework."},{"question":"What's included in the custom integration?","answer":"We'll build one custom integration specifically for your needs, connecting Tidal with with your cloud technology stack. This is in addition to our standard integrations with major cloud providers and development tools."},{"question":"How does the PowerBI reporting work?","answer":"You get access to our PowerBI templates and data connectors, allowing you to create custom dashboards and reports. This helps you track compliance status, monitor control effectiveness, and demonstrate progress to stakeholders."},{"question":"What priority support benefits do I get?","answer":"Growth customers get priority phone support in addition to standard online support, plus assistance with data import/export. Your support tickets are prioritized over Starter tier requests."}]},"midsize":{"title":"Compliance at scale","eyebrow":"Midsize","description":"Perfect for growing organisations managing multiple compliance programmes across teams. Get unlimited framework support, advanced automation capabilities, and dedicated account management to drive efficiency at scale.","fullWidth":true,"features":{"title":"Built for expanding teams","content":[{"name":"Unlimited frameworks","description":"Support for unlimited compliance frameworks. Efficiently manage multiple standards and regulations while maintaining clear oversight of your entire compliance programme.","icon":"CheckIcon"},{"name":"Multiple workspaces","description":"Get two dedicated workspaces to separate different business units or compliance programmes. Perfect for managing distinct teams or regional requirements.","icon":"CheckIcon"},{"name":"Advanced automation","description":"Benefit from three custom-built integrations to match your specific needs, plus PowerBI reporting for comprehensive compliance insights.","icon":"CheckIcon"},{"name":"Advanced access control","description":"Enhanced role-based access control for complex team structures. Maintain security while enabling collaboration across departments and regions.","icon":"CheckIcon"},{"name":"Personal account manager","description":"Get a dedicated account manager to help optimise your compliance programme and ensure you're getting the most from your Tidal implementation.","icon":"CheckIcon"},{"name":"Premium support package","description":"Priority phone support, data import/export assistance, and personalised guidance for your compliance journey from your dedicated account team.","icon":"CheckIcon"}]},"faqs":[{"question":"How can I use the two workspaces effectively?","answer":"The two workspaces can be used to separate different business units, regional operations, or compliance programmes. Each workspace maintains its own set of controls, policies, and user permissions while allowing cross-workspace reporting and management."},{"question":"What does advanced role-based access control include?","answer":"You get enhanced control over user permissions, allowing you to define custom roles and granular access levels. This is particularly useful for larger teams with complex organisational structures and distinct responsibilities."},{"question":"How does the personal account manager help?","answer":"Your dedicated account manager helps optimise your compliance programme, provides strategic guidance, and ensures you're getting maximum value from Tidal. They'll regularly review your usage and suggest improvements."},{"question":"Can I get more than three custom integrations?","answer":"While the Midsize package includes three custom integrations, you can purchase additional integrations if needed. Alternatively, you can upgrade to our Enterprise tier for unlimited custom integrations."}]},"enterprise":{"title":"Enterprise-grade compliance","eyebrow":"Enterprise","description":"Built for large organisations requiring the highest levels of security, customisation, and support. Get unlimited workspaces, custom SLAs, and complete flexibility to manage complex compliance programmes across your organisation.","fullWidth":true,"features":{"title":"Maximum flexibility and control","content":[{"name":"Ultimate scalability","description":"Four dedicated workspaces with unlimited framework support. Perfect for managing complex organisational structures, distinct business units, or regional compliance programmes.","icon":"CheckIcon"},{"name":"Custom integrations","description":"Unlimited custom-built integrations to connect with your enterprise systems. Our team builds and maintains integrations specifically for your technology stack.","icon":"CheckIcon"},{"name":"SOC 2 assurance","description":"Enhanced security assurance with SOC 2 certification. Get the highest level of security and compliance guarantees for your enterprise data.","icon":"CheckIcon"},{"name":"Custom terms","description":"Tailored contract terms and conditions to meet your specific enterprise requirements, including custom data processing agreements and security requirements.","icon":"CheckIcon"},{"name":"Custom SLA","description":"Define your own service level agreements for support, system availability, and issue resolution to match your enterprise requirements.","icon":"CheckIcon"},{"name":"Enterprise support","description":"Comprehensive support package with dedicated account management, priority support, and custom training programmes for your teams.","icon":"CheckIcon"}]},"faqs":[{"question":"How customisable are the contract terms?","answer":"Enterprise customers can negotiate custom terms across various aspects including contract duration, payment terms, data processing requirements, security measures, and service level agreements. We work with your legal and procurement teams to meet your specific needs."},{"question":"What's the difference between Tidal-provided ISO27001 and SOC 2 assurance?","answer":"Enterprise customers receive our SOC 2 assurance, providing additional security guarantees and controls specific to service organisations. This higher level of assurance often helps meet stricter enterprise security requirements."},{"question":"How do the four workspaces support enterprise needs?","answer":"The four workspaces can support complex organisational structures, allowing separation between different business units, geographical regions, or compliance programmes while maintaining central oversight and reporting."},{"question":"What enterprise support features are included?","answer":"Enterprise support includes a dedicated account team, custom SLAs for response times, customised training programmes, regular strategic reviews, and priority issue resolution. We can also provide custom reports and insights specific to your needs."}]}},"services":{"implementation":{"title":"Tidal partners with experts to deliver one-stop-shop certification","description":"Get certified faster with our unique combination of platform capabilities and expert guidance.\nOur network of implementation partners brings together all the expertise you need, while our platform ensures efficient execution and long-term success.","eyebrow":"Implementation","fullWidth":true,"timeline":{"title":"Get certified faster with our implementation service","phases":[{"step":"Step 1","name":"Assessment & Planning","description":"Start with a comprehensive gap analysis, risk assessment, and scope definition. We'll create a detailed project plan and help you set up Tidal to match your needs.","content":[]},{"step":"Step 2","name":"Policy Development","description":"Develop required policies and procedures using our templates. We'll help customise them to your organisation while ensuring they meet certification requirements.","content":[]},{"step":"Step 3","name":"Control Implementation","description":"Set up technical and organisational controls, including security configurations, access management, and HR processes. Our experts guide you through each implementation step.","content":[]},{"step":"Step 4","name":"Training & Awareness","description":"Roll out security awareness training across your organisation. We'll help train key staff on their specific responsibilities and system operation.","content":[]},{"step":"Step 5","name":"Internal Audit","description":"Conduct thorough internal audit and management review. We'll help identify and address any remaining gaps before certification.","content":[]},{"step":"Step 6","name":"Certification Audit","description":"Get expert support during your certification audit and immediate follow-up on any findings to ensure successful certification.","content":[]}]},"features":{"title":"The power of platform and expertise combined","description":"Our implementation services bring together leading compliance experts, security professionals, and modern technology to make your certification journey smoother and more efficient.","content":[{"name":"End-to-end expert guidance","description":"Get expert support at every step of your certification journey, from initial scoping through to successful audit completion.","icon":"UserGroupIcon"},{"name":"Perfect platform-consultant synergy","description":"Combine consultant expertise with platform automation. Our consultants guide your strategy while the platform streamlines execution.","icon":"ArrowsPointingInIcon"},{"name":"Comprehensive security expertise","description":"Access all required expertise in one place - from compliance specialists to penetration testers and security awareness trainers.","icon":"ShieldCheckIcon"},{"name":"Faster and more cost-effective","description":"Save time and money through smart automation and efficient collaboration between platform and consultants.","icon":"BanknotesIcon"},{"name":"Matched to your needs","description":"Work with partners who understand your sector, technology stack, and business maturity level.","icon":"PuzzlePieceIcon"},{"name":"Long-term collaboration made easy","description":"Enable ongoing consultant support through our cloud-based platform, making it easy to maintain compliance after certification.","icon":"CloudArrowUpIcon"}]},"faqs":[{"question":"How long does implementation typically take?","answer":"Most organisations achieve certification within 3-5 months when using our implementation services. This timeframe can vary based on your organisation's size and readiness. Our consultants help you establish realistic timelines during the initial assessment and work to keep your project on track."},{"question":"What's included in the implementation service?","answer":"Our implementation service includes expert guidance throughout your certification journey, access to the Tidal platform, and all necessary expertise - from compliance consulting to security testing. You'll get help with gap analysis, risk assessment, policy development, control implementation, and audit preparation. The service also includes security awareness training for employees and specific training for developers."},{"question":"How do you select the right implementation partner for us?","answer":"We match partners based on several factors including your industry sector, size, technology stack, and specific compliance needs. We also consider the partner's expertise with relevant frameworks beyond ISO27001, their experience with similar organisations, and their understanding of your business context. This careful matching process ensures you work with consultants who truly understand your needs."},{"question":"What happens after we achieve certification?","answer":"Your relationship with Tidal and our implementation partners continues after certification. Our platform helps you maintain compliance through automated monitoring and evidence collection, while our partners can provide ongoing support and guidance. They can remotely monitor your system, suggest improvements, and help prepare for surveillance audits, ensuring your certification remains active and valuable."}]},"maintenance":{"title":"Keep your certification with confidence","description":"Maintaining certification requires consistent effort and expertise. Our maintenance services combine hands-on consultant support with smart automation to keep your system effective and audit-ready, while reducing the operational burden on your team.","eyebrow":"Maintenance","fullWidth":true,"timeline":{"title":"Maintain your certification with structured support","phases":[{"step":"Quarter 1","name":"Annual Planning","description":"Set up your annual operational plan, review and update risk assessments, and plan your security awareness programme for the year.","content":[]},{"step":"Quarter 2","name":"System Review","description":"Conduct internal audit, review policies and procedures, and update documentation based on operational changes.","content":[]},{"step":"Quarter 3","name":"Improvement Focus","description":"Hold management review, address audit findings, and implement system improvements. Review incident management procedures and update if needed.","content":[]},{"step":"Quarter 4","name":"External Audit Prep","description":"Prepare for surveillance audit, conduct final policy reviews, and ensure all evidence is properly collected and organised.","content":[]}]},"features":{"title":"Comprehensive maintenance support","description":"Our maintenance services ensure your information security management system stays current, effective, and compliant with all requirements.","content":[{"name":"Proactive system management","description":"Get structured annual planning, regular system monitoring, and timely policy updates. We help you stay ahead of requirements and maintain continuous compliance.","icon":"ChartBarIcon"},{"name":"Complete audit support","description":"Comprehensive support for internal and external audits, including planning, execution, reporting, and following up on findings. Stay confident in your audit readiness.","icon":"ClipboardDocumentCheckIcon"},{"name":"Risk and incident management","description":"Regular risk assessments, incident response support, and practical guidance on managing security events. Keep your risk management process active and effective.","icon":"ShieldExclamationIcon"},{"name":"Ongoing expert guidance","description":"Direct access to consultants through regular check-ins and on-demand support. Get expert advice when you need it most.","icon":"UserGroupIcon"},{"name":"Security awareness programme","description":"Keep your entire organisation security-aware through structured training programmes, including specific onboarding for new employees.","icon":"AcademicCapIcon"},{"name":"Compliance and privacy advice","description":"Expert guidance on compliance requirements and privacy regulations, including practical advice for maintaining GDPR compliance.","icon":"DocumentCheckIcon"}]},"faqs":[{"question":"What is included in the annual maintenance service?","answer":"Our partners can help you with annual operational planning, internal audits, management review preparation, risk assessments, policy updates, security awareness training, and both internal and external audit support. We also offer regular consultant check-ins and incident management support."},{"question":"How do you help prepare for surveillance audits?","answer":"We can help you prepare for surveillance audits through regular system monitoring, internal audits, and timely follow-up on previous findings. Our consultants work with you to ensure all documentation is current and evidence of continuous improvement is readily available."},{"question":"How often do we get consultant support?","answer":"You decide! We can provide regular scheduled check-ins with your dedicated consultant, plus the ability to reach out when specific issues arise. Our consultants can monitor your system remotely through the Tidal platform, allowing them to provide proactive guidance and support."},{"question":"How do you help maintain employee awareness?","answer":"Through our partners we can offer cloud-based micro-learning training, but we can also provide a structured security awareness programme that includes regular training sessions. Dedicated training is often preferable for employees with critical security roles, like software developers. These trainings are updated based on current security threats and compliance requirements."}]},"directory":{"title":"We work with the best. And so can you.","description":"Our service partners are ready to help you with all aspects of information security and compliance","eyebrow":"Partner directory","filterByCategory":"Filter by Category","filterAriaLabel":"Filter categories","all":"All {contentType}","contentType":"partners","content":[{"title":"Fendix","categories":["CISO","Implementation","Security Training"],"description":"Information security specialists helping organisations achieve and maintain certification through practical, business-focused solutions.","imageKey":"fendix","href":"https://www.fendix.nl"},{"title":"StackSecure","categories":["CISO","Penetration testing","Social engineering"],"description":"Technical security experts providing security officer services, penetration testing, and social engineering programs.","imageKey":"stacksecure","href":"https://www.stack-secure.com/"},{"title":"StackAware","categories":["Security Training","Software"],"description":"Trains employees to act consciously in the event of cyber threats, making them an effective last line of defense in protecting your organisation.","imageKey":"stackaware","href":"https://www.stack-secure.com/security-awareness-training"},{"title":"Security.Rocks","categories":["Penetration testing","Security Training"],"description":"Expert penetration testing services combined with practical security training for development teams.","imageKey":"securityrocks","href":"https://security.rocks/"},{"title":"ChangeVision","categories":["CISO","Implementation"],"description":"Helping organisations implement and maintain effective information security management systems with a focus on sustainable change.","imageKey":"changevision","href":"https://www.changeconsulting.nl/"},{"title":"Loxodrome","categories":["CISO","Implementation"],"description":"Swiss-based consultancy providing comprehensive information security and compliance services across Europe.","imageKey":"loxodrome","href":"https://loxodrome.ch/home-en-2/"},{"title":"Guardey","categories":["Security Training","Software"],"description":"Guardey uses gamification to make the learning experience fun and rewarding for your employees.","imageKey":"guardey","href":"https://loxodrome.ch/home-en-2/"},{"title":"ISMS Copilot","categories":["Software","Policy Generation"],"description":"An AI-powered assistant designed to simplify information security compliance. Rapidly generate customized security policies, navigate ISO 27001, ISO 42001, SOC 2, GDPR, and more using a conversational, user-friendly chatbot interface.","imageKey":"ismscopilot","href":"https://www.ismscopilot.com"}]}},"resources":{"index":{"title":"Blog posts","description":"Read all about our product updates, industry news, and helpful compliance tips.","eyebrow":"Resources","min-read":"{minutes} min read","all-posts":"All posts"},"docs":{"search":{"placeholder":"Search docs...","loading":"Loading search...","noResults":"No results found for \"{query}\"","defaultSection":"Documentation"},"toc":{"title":"On this page"}}}},"children":[["$","$L19",null,{"latestPosts":[{"title":"ISO 42001: Building the Foundation for Responsible AI in 2025","description":"Discover how ISO 42001 can help your startup establish responsible AI practices, reduce risks, and gain competitive advantage through automated governance.","date":"2025-03-18","categories":["Blog","AI Governance","ISO 42001"],"imageUrl":"AI-scaled.jpeg","imageCredit":"","published":true,"nrWords":837,"authors":["Dennis van de Wiel"],"id":"2025_03_18","path":"/resources/2025_03_18","href":"/resources/iso-42001-building-the-foundation-for-responsible-ai-in-2025"},{"title":"From convoluted Excels to compliance confidence in 3 months","description":"Discover how a leading telco transformed their control testing from a time-consuming struggle into a streamlined, regulator-approved process in just three months.","date":"2025-03-12","categories":["Case studies"],"imageUrl":"odido1.jpg","imageCredit":"","published":true,"nrWords":480,"authors":["Dennis van de Wiel"],"id":"2025_03_12","path":"/resources/2025_03_12","href":"/resources/from-convoluted-excels-to-compliance-confidence-in-3-months"}],"inLocaleLayout":false,"children":["$","$L1a",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$L1b",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":["$","div",null,{"children":[["$","h2",null,{"children":"Not Found"}],["$","p",null,{"children":"Could not find requested resource"}],"$L1c"]}],"notFoundStyles":[]}]}],[["$","$L1d",null,{"url":"https://tidalcontrol.com","locale":"en"}],["$","$L1e",null,{"url":"https://tidalcontrol.com"}]]]}]

Master ISO 27001GDPRNEN 7510SOC 2BIOISO9001NIST 800-53ISO 27001with minimal effort

Master
ISO 27001
GDPR
NEN 7510
SOC 2
BIO
ISO9001
NIST 800-53
ISO 27001
with minimal effort