Kardu

Plans for every stageof your compliance

In the GRC market, pricing is a secret. Not here. What you see is what you pay, including all future frameworks.

Beta access

Paid plans available on 24 August 2026. Until then, free beta access by invitation.

Early adopter guarantee

Already in the beta? Your current conditions are locked in when you pick your plan in August. Forever.

Current users, frameworks and features preserved, regardless of the plan you choose.

MonthlyAnnual

Beta

Free

Until Aug. 2026

Full access during beta by invitation. No credit card required.

  • Full ISO 27001 (93 controls)
  • Up to 3 users
  • 100 evidence files
  • Real-time Compliance Score
  • Basic Trust Center
  • Asset register
  • Data retained 30 days after expiry
  • No credit card required
Request access

Starter

For founders and small teams that need to demonstrate compliance for the first time.

  • Full ISO 27001 (93 controls)
  • 1 active framework (NIS2, ENS or DORA)
  • Up to 5 users
  • 200 evidence files
  • Real-time Compliance Score
  • Public Trust Center with embeddable badge
  • Risk register
  • PDF export for auditor
  • Immutable audit log
  • AI Toolkit
  • Email support (48h)
Request access
Most popular

Business

For companies managing multiple frameworks and teams.

  • Everything in Starter, plus:
  • 3 simultaneous active frameworks
  • Up to 20 users
  • 1,000 evidence files
  • Automatic evidence expiry alerts
  • Task management with owner assignment
  • Full Trust Center with verified history
  • Compliance calendar
  • Security policy management
  • AI Toolkit
  • Priority support (24h)
Request access

Professional

For organisations with full NIS2, large teams and demanding audit requirements.

  • Everything in Business, plus:
  • Advanced export (CSV + PDF with SHA-256 hash)
  • All frameworks (NIS2, ISO 27001, DORA, ENS, GDPR)
  • Up to 50 users
  • 2,000 evidence files
  • Full activity history (12 months)
  • Goldfinch AI assistant
  • AI security questionnaires
  • 1h guided onboarding session
  • 4h support SLA during business hours
  • Coming soon
  • SAML SSO + SCIM
  • Workflow automation engine
  • Microsoft 365 / Entra ID integration
Request access

Prices exclude VAT. Billed in euros. No lock-in. Cancel anytime.

All future frameworks included in your plan at no extra charge.

Plan comparison

All the details to choose the right plan.

FeatureFree TrialStarterBusinessProfessional
Active frameworks3 (14 days)13All
Users352050
Evidence files1002001,0002,000
Compliance Score
Public Trust Center
Risk register
Task management
Compliance calendar
Automatic alerts
Security policy management
AI features
Goldfinch AI assistant
AI security questionnaires
Activity history (12 months)
PDF export
CSV export
Asset register
Assisted onboarding
SupportEmail 48hPriority 24hSLA 4h

Frequently asked questions

Yes. You can upgrade or downgrade at any time. The change takes effect at the next billing cycle.

Your account is locked but your data is retained for 30 days. You can subscribe to any plan and recover everything without losing anything.

No. All displayed prices exclude VAT. Applicable VAT depends on the billing country.

All data is hosted on servers in Frankfurt, Germany. It never leaves the European Union.

ISO 27001 is available in all plans. NIS2, DORA and ENS are activated as overlays according to the number of frameworks in your plan. All future frameworks are included at no extra charge.

Yes. If you manage compliance for multiple clients, write to us at contact@kardu.eu and we will prepare a tailored proposal.

Yes. No lock-in. If you cancel, your plan remains active until the end of the paid period.

No. All new controls and frameworks we add are automatically included in your plan at no extra charge.

Start free today

14-day Free Trial with full access. No credit card required.

Start free