Scrutinize any company, including your own
Pricing for Compliance and Vendor Risk, from $599 a month
Map controls to SOC 2, ISO 27001, HIPAA, GDPR and PCI, collect evidence automatically, monitor continuously, and score every vendor you trust. Every plan is paid. Prices in USD.
Essentials
One framework, continuously compliant
$499/mo
Billed monthly · Billed annually ($5,988/yr)
- One framework (e.g. SOC 2)
- Continuous compliance & control mapping
- Automated evidence collection
- Gap detection & remediation list
- One audit-ready report
Growth
Multi-framework, monitored continuously
$999/mo
Billed monthly · Billed annually ($11,988/yr)
- Multi-framework crosswalk (SOC 2 + ISO 27001 + GDPR…)
- Continuous control monitoring
- Security questionnaire automation
- Audit-ready reports across frameworks
- Priority support
Risk+ (TPRM)
Everything in Growth, plus third-party risk
$2,083/mo
Billed monthly · Billed annually ($24,996/yr)
- Everything in Growth
- Unlimited vendor risk scoring
- Continuous third-party monitoring
- M&A & diligence reports
- Vendor questionnaire workflows
Enterprise
Larger orgs with security and scale needs
Custom
Frameworks & volume to fit
- SSO and SCIM provisioning
- Custom and bespoke frameworks
- Dedicated GRC success manager
- API access
- Audit-firm collaboration
No per-questionnaire fees. An accredited auditor still issues your attestation; Scrutineer gets you ready and keeps you ready. Prices in USD, every plan paid, no free tier. Each plan CTA opens a quick signup so we can set up your account, not a checkout. See every feature or how it works.
No free plan, because the interactive Scrutiny Desk is your free trial.
Pick a framework to audit your own company, or assess a vendor, and watch Scrutineer build the report before you pay a cent. You see the readiness ring, the control statuses and the risk score for yourself, then choose a plan when you are ready.
What manual GRC really costs
Manual compliance and vendor reviews vs Scrutineer
Doing it by hand means a GRC analyst chasing evidence, questionnaire ping-pong that eats whole weeks, and spreadsheet vendor reviews that go stale the day they finish. A flat monthly plan turns all of that into a live, monitored posture.
A GRC analyst
$120k+ / yr
A full-time headcount chasing screenshots, updating spreadsheets and prepping audits, with the bar drifting between people and projects.
Questionnaire ping-pong
Days per deal
Security questionnaires answered by hand for every prospect, slowing deals and pulling engineers off their real work.
Scrutineer
$599-$2,500/mo flat
Controls mapped, evidence collected and monitored, questionnaires auto-answered, and vendors scored continuously. A flat monthly fee, the same posture every day.
| Staying compliant | Manual or point tools | Scrutineer |
|---|---|---|
| Control mapping | Per-framework spreadsheets | One crosswalk across SOC 2, ISO 27001, HIPAA, GDPR, PCI |
| Evidence | Chased manually before audit | Collected automatically and kept current |
| Monitoring | Point-in-time, goes stale | Continuous, drift flagged as it happens |
| Questionnaires | Answered by hand per deal | Auto-answered from your evidence |
| Vendor risk | Stale spreadsheet reviews | Scored and monitored continuously |
Managing many vendors? See third-party risk management or vendor risk management.
On every plan
Every plan keeps you audit-ready
No matter which plan you pick, Scrutineer maps controls, collects evidence and flags gaps, and you stay in control of the decision. You only size up for more frameworks, vendor risk and scale.
Control mapping
Your existing controls mapped to the framework requirements, on every plan.
Evidence you can defend
Each control links to the current evidence that proves it, so audits hold up.
You stay in control
Scrutineer is decision-support. Your accredited auditor issues the attestation.
Your data stays yours
Evidence is yours, never sold and never used to train public models.
Control mapping · automated evidence · continuous monitoring · audit-ready reports
Get started and connect your stack. Scrutineer maps controls to every framework, collects evidence automatically, monitors continuously, and scores every vendor. An accredited auditor still issues your attestation.