Norven
Start free trial

Compliance automation

Compliance that respects your time.

Norven runs SOC 2, ISO 27001, Israeli Privacy Law (Amendment 13), and GDPR on a single continuous record — built for security teams that have to pass the audit and ship the product in the same week.

Start free trial See how it works

No credit card · Auditor seats always free · 14-day trial

norven.app / dashboard

Program readiness

Acme Robotics, Ltd.

Updated 2 min ago

Implemented

279

Partial

37

Not implemented

12

SOC 2 Type II

142 / 169 controls

84%

ISO 27001:2022

66 / 93 controls

71%

Israeli Privacy Law (Amendment 13)

47 / 51 controls

92%

GDPR

24 / 63 controls

38%

Connect the stack you already run

Amazon Web Services Amazon Web Services GitHub GitHub Google Workspace Google Workspace Okta Okta Microsoft 365 Microsoft 365 Slack Slack

One practice, every framework

Cross-mapped controls. Less work, every audit cycle.

A single implementation — MFA, encryption at rest, access reviews — satisfies the equivalent requirement in every framework you carry. Norven keeps the map current so adding a second or third framework is not a second project.

SOC 2

Available

Trust Services Criteria, Type I or Type II. Continuous evidence collection mapped to CC and A categories.

Read the framework guide

ISO 27001:2022

Available

Annex A aligned to the 2022 revision. Statement of Applicability with versioned applicability rationale.

Read the framework guide

Israeli Privacy Law

Available

Amendment 13-ready. Privacy Protection Authority requirements as a first-class framework — not a footnote.

Read the framework guide

GDPR

In private preview

Article-29-aligned data-protection controls, Records of Processing, and DPIA workflow.

Read the framework guide

How it works

Connect once. Collect always. Show the auditor the truth.

1

Connect your stack

OAuth into the systems you already run — AWS, Google Workspace, Okta, GitHub, Microsoft 365, the rest. Tokens land in Supabase Vault, never in a database column.

2

Collect continuously

Evidence flows in on schedule, hashed on ingest, immutable thereafter. You see what changed and when, in plain English and Hebrew.

3

Show your work

Board updates, customer trust reports, auditor evidence packs — each one a real export, not a screenshot of a dashboard. Auditor seats are scoped, read-only, and free.

What sets Norven apart

Three commitments the rest of the market does not make.

Stakeholder reports as a feature

Board update, customer trust report, auditor evidence pack — generated, not formatted by hand. The professional looks competent without burning the weekend.

Hebrew and Israeli law, day one

Built English-first for the world, with Amendment 13 of the Israeli Privacy Law as a first-class framework and full Hebrew + RTL support. No "international edition" coming later.

Auditor seats, free forever

Your auditor logs in with a scoped, read-only seat. We never charge for the people whose job is to verify your work.

When you are ready

See your first audit window populate in an afternoon.

Free for fourteen days. No credit card. Connect your stack and Norven starts pulling evidence the same hour.

Start free trial