Transparent pricing for regulated organizations.
Three tiers designed around compliance maturity. Every plan includes customer-hosted Azure deployment — your data never leaves your environment.
Foundation
Replace spreadsheet-driven audit prep with continuous evidence collection. One framework to start, expand when you are ready.
Pays for itself when you replace one consultant engagement or one full-quarter readiness sprint.
- 1 framework (NIST CSF, SOC 2, or ISO)
- Core control library + evidence mapping
- Microsoft Entra + Defender integration
- Quarterly posture reports
- Self-serve + email support
- Deployed in your Azure tenant
Regulated
Run continuous compliance across up to four frameworks. Evidence collected automatically from your Microsoft security stack.
Pays for itself when you compress one cross-framework audit cycle or recover two questionnaire-driven deal slips.
- Up to 4 frameworks + custom controls
- Full Microsoft Security integration
- Continuous evidence collection + validation
- Sensei Copilot AI assistance
- Vendor risk management module
- NIST AI RMF + EU AI Act readiness basics
- Monthly executive reports + risk dashboards
- Dedicated CSM + quarterly business reviews
Enterprise
For multi-entity, multi-framework enterprises requiring full AI governance, ISO 42001 implementation, and external-proof capabilities.
Pays for itself when one regulatory finding is avoided or one major customer's procurement timeline is compressed by a quarter.
- Unlimited frameworks + full AI governance
- Multi-entity / multi-subsidiary support
- Insurer + auditor evidence packs
- Board-ready risk quantification dashboards
- Full ISO 42001 + EU AI Act conformity
- MSSP/partner white-label option
- Premium SLA + named engineer
- Custom integrations + API access
Everything included at a glance.
| Feature | Foundation | Regulated | Enterprise |
|---|---|---|---|
| Frameworks | 1 | Up to 4 | Unlimited |
| Custom controls | | | |
| Microsoft integrations | Entra + Defender | Full stack | Full stack + custom |
| Evidence collection | Manual + guided | Continuous automated | Continuous automated |
| Sensei Copilot | Limited | | |
| AI governance | NIST AI RMF basics | Full: NIST AI RMF, EU AI Act, ISO 42001 | |
| Risk management | Basic | | |
| Vendor risk management | Basic | | |
| Trust Center | | | |
| Multi-entity support | Limited | | |
| Reporting | Quarterly | Monthly | Real-time dashboards |
| Support | Self-serve + email | Dedicated CSM | Premium SLA + named engineer |
| Deployment | Your Azure tenant | Your Azure tenant | Your Azure tenant |
How Kyudo compares to the status quo.
Ranges sourced from publicly available pricing and industry benchmarks. Use the ROI calculator for your own numbers.
| Alternative | Annual cost | Tradeoff |
|---|---|---|
| Big-4 SOC 2 + ISO 27001 prep | $80K–$150K/yr | Time-bounded, no continuous coverage |
| GRC (SaaS) Platforms | $60K–$90K/yr | Multi-tenant SaaS, your data leaves your tenant |
| In-house GRC analyst (1 FTE) | $90K–$140K/yr | Headcount scales linearly with framework count |
| Kyudo Regulated tier | — | Customer-hosted Azure. Up to 4 frameworks. Continuous. |
Frequently asked.
Customer-hosted deployment requires provisioning dedicated Azure infrastructure in your tenant. Annual commitment ensures both parties invest in a successful implementation.
You can upgrade tiers at any time. Moving from Foundation to Regulated or Enterprise is seamless. Your existing controls and evidence carry over.
Every plan includes guided onboarding. Regulated and Enterprise tiers include dedicated implementation support with a named solutions architect.
Yes, this is the designed path. Most organizations start with Foundation on a single framework, prove value, then expand to Regulated as they add frameworks.
All tiers deploy in your Azure tenant at no infrastructure surcharge. You manage the Azure subscription; Kyūdō manages the application layer.
Ready to see governance that runs continuously?
Deploy Kyūdō inside your Azure tenant. See your first compliance report in 24 hours.
