AI compliance platform

Compliance, under control.

Alchex continuously checks how your organization actually operates against the ISO standards you follow — policies, controls, and evidence audited clause by clause.

Built forISO 27001ISO 9001ISO 14001ISO 45001ISO 42001

Governance documents

Policies that live, not PDFs that rot

Author policies and procedures in a real collaborative editor. Documents move through draft, review, and approval with genuine sign-off — and every version compares as a readable document, not a wall of red and green.

  • Draft → review → publish, with separation of duties
  • Version diffs render as the document your auditor will read
  • Anchored comments and approvals on the exact paragraph

AI clause audits

Audited the way an auditor reads

Specialist auditor agents work through your documents and evidence clause by clause against the standard. Every verdict cites the exact material it was drawn from — so you can defend it, or fix it.

  • Clause-by-clause verdicts against the standard you follow
  • Findings cite their evidence — no black-box scores
  • Gaps ranked by what actually breaks compliance

Evidence & controls

Evidence that collects itself

Connect the tools you already run. Evidence flows in continuously and lands on the exact clauses it proves, while scheduled controls keep checking that reality still matches the paperwork.

  • Connectors pull live evidence from your stack
  • Every item is bound to the clauses it proves
  • Controls run on schedule — audits are gated on passing tests

How it works

A loop, not a checklist

Compliance isn't a binder you produce once a year. Alchex runs it as a continuous cycle.

01

Author

Stand up your governance spine. Pull templates from the marketplace or write from scratch in a living editor — policies and procedures move through draft, review, and approval with real sign-off.

02

Operate

Design controls and put them on schedule. Connect your stack so evidence flows in continuously and lands on the exact clauses it proves.

03

Audit

Auditor agents check your documents and evidence clause by clause against the standard — verdicts with cited proof, gaps ranked by what actually breaks compliance.

04

Improve

Findings flow back into your documents and controls, and the loop runs again. When the external auditor arrives, everything is already in order.

Platform

And the rest of the system

Everything around the core — so compliance lives in one place instead of a folder, a spreadsheet, and someone's memory.

Risk management

A minimalist risk record your team will actually keep current — scored, owned, and tied to the controls that treat it.

Marketplace

60+ professional document templates and 80+ specialist auditor agents, ready to deploy and adapt to how you operate.

Ask Alchex

A copilot that knows your documents, controls, and evidence — one keystroke away, anywhere in the app.

Multi-framework

Run several standards side by side on the same documents and evidence — one system, audited many ways.

Roles & permissions

Viewers, authors, and admins with real separation of duties — approvals can never be self-served.

Version history

Every document version kept, compared, and traceable — who changed what, who approved it, and when.

Standards

The standards you answer to

Every standard ships with clause-level structure, specialist auditor agents, and document templates — run one, or several side by side.

ISO 27001:2022

Live

Information security management

Protect the confidentiality, integrity, and availability of information — the standard enterprise buyers ask about first.

ISO 9001:2015

Live

Quality management

Run consistent, customer-focused processes that improve on evidence instead of anecdote.

ISO 14001:2015

Live

Environmental management

Understand and control your environmental impact, obligations, and reporting.

ISO 45001:2018

Live

Occupational health & safety

Keep people safe with systematic hazard identification, controls, and incident learning.

ISO 42001:2023

Live

AI management systems

Govern how you build and use AI responsibly — the newest standard your customers now ask about.

More standards are added continuously — each one arrives with its full clause structure and auditor agents on day one.

Sectors

Built for your sector

Different regulators, different standards, different failure modes. Pick your sector — this is what Alchex runs for you.

Close enterprise deals without the security-review scramble

Every serious buyer now sends the questionnaire: how do you protect data, and how do you govern the AI in your product? Alchex keeps a real ISMS running underneath your roadmap — so the answer is evidence, not improvisation.

What you run in Alchex

  • An ISMS your engineers actually follow — access, change, and incident procedures as living documents
  • AI governance for the LLM features in your product, structured on ISO 42001
  • Evidence pulled from the tools you already run — repos, tickets, HR records
  • A continuously audited posture you can show mid-deal, not after the next annual audit

ISO 27001 — Information security · ISO 42001 — AI management · ISO 9001 — Quality

FAQ

Questions, answered plainly

The things every compliance owner asks before switching how they work.

Does Alchex certify my company?

No — certification is issued by accredited certification bodies. Alchex is the system underneath: it keeps your processes, documents, and evidence continuously compliant with the standard, so when the certification audit comes, you pass it on substance.

Which standards does Alchex support?

ISO 27001 (information security), ISO 9001 (quality), ISO 14001 (environment), ISO 45001 (health & safety), and ISO 42001 (AI management) — each with full clause structure, document templates, and specialist auditor agents. You can run several standards side by side on the same documents and evidence.

How do the AI audits actually work?

Auditor agents read your governance documents and evidence clause by clause against the standard, the way a senior human auditor would. Every verdict cites the exact documents and evidence it was drawn from — there is no black-box score. Findings are ranked by what would actually break your compliance.

Where does the evidence come from?

Two ways: connectors that pull live evidence from tools you already run (repos, ticketing, drives, HR systems), and direct uploads. Either way, each piece of evidence is bound to the specific clauses it proves, so nothing sits in an unlabeled folder.

We already have policies in Word and SharePoint. Do we start over?

No. Import what you have, or start from the marketplace’s 60+ professional templates and adapt them. The point is not new paperwork — it is making the documents you operate by reviewable, approvable, and continuously auditable.

How long until we’re audit-ready?

That depends on where you start — but the model is different from the yearly scramble. Alchex runs compliance as a continuous loop, so readiness is a state you maintain, not an event you prepare for. You can see your clause-level position from the first audit run, usually on day one.

What does it cost?

There is a free tier to start — author documents and run your first clause audit. Paid plans are per-seat with metered AI usage. See the pricing page for details.

Bring compliance under control

Author your first policy, run your first clause audit, and see exactly where you stand against the standard. Free to start.