FAQs

So how exactly does this work ?

Framework Freak will supply and install the custom compliance framework you purchase into your GRC automation tool. That's it.

What tools do you support ?

Framework Freak custom compliance frameworks can be imported into Drata, Vanta, Scytale, SecureFrame and more. If your GRC automation tool isn't listed, please ask.

How much do these things cost ?

Custom compliance frameworks are priced a bit differently depending on their size and complexity. Generally they are in the range $749-1499 one-off. Discounts can apply for bundling, special causes etc.

What do I actually get for my money ?

A custom compliance framework (a structured data package) and about 1 hour of help to install and configure it in your GRC automation tool. And support/maintenance, if you choose it.

So you provide support as well ?

Yes, Framework Freak has an optional-but-recommended annual support/maintenance plan - access via our service desk (email, chat & remote support). Its priced at $499/year and covers any/all custom frameworks you've purchase through Framework Freak.

Do you provide framework updates ?

Yes, if you've taken our annual support/maintenance plan, we provide quarterly (4x annual) updates of the custom compliance frameworks based on any changes published by the authority involved (no changes = no updates!).

How do I buy a custom framework ?

You can buy custom frameworks right here on our webstore - all our products are listed here

Or if you are an AWS customer, you can also buy some of our products and services from AWS marketplace, and charge them to your AWS account.

Or if you need a good old fashioned quote, we can do that too, please contact us to kickstart that process.

How do I get it installed ?

Generally one of two modes: either an interactive screen share session or temporary guest admin access to your GRC automation tool. If you really want, we can just ship you the structured data file in the right format to import into your GRC automation tool, but most people take the offer of a bit of help to get started.

What GRC automation tools do your frameworks work with ?

All the popular ones: Drata, Vanta, SecureFrame, Scytale etc. The only requirement is that the tool supports importing custom frameworks. Most do, but *some* do not, and some require a particular level of licensing to allow custom frameworks. If you're not sure, ask us and we can help guide you.

Do you sell GRC automation tool licenses ?

No, we don't. You can generally buy the license from the vendor themselves or we work with a number of their authorized partners. Get in touch and we'll introduce you.

Do I own the custom compliance framework ?

Almost. If its one of our off-the-shelf packages, then you are purchasing a single-customer-use, not-for-resale license with no rights to the underlying intellectual property. If you are commissioning a custom compliance framework, we can negotiate this. There is almost always a third-party publisher of the compliance framework that is the ultimate owner, and the product you are buying or commissioning is a structured data representation of it for a specific purpose, inclusion in a GRC automation tool.

How much does it cost for you to build a custom compliance framework for me ?

It depends. We have two standard packages - build-to-own ($3,499) and build-to-share ($1,749) that are available at fixed prices. If neither of those work for you we'll try our hardest to give you a fixed price quote (ie you get X for Y cost in time Z). If we just don't think the framework you're looking at is a good fit for a GRC automation tool, we'll tell you that too.

What if I need more help ?

Framework Freak focuses on building compliance frameworks as products. We have some friends who provide other types of support services eg baseline assessments, improvement progression, attestations and audits. Get in touch and we'll recommend them.