First Steps After Signup
Walk through the onboarding checklist: subscribe to a plan, enable MFA, invite team members, initialise the SoA, and create your first risk.
The Onboarding Checklist
After you register and verify your email address, your dashboard displays an onboarding checklist. The checklist guides you through the five essential steps to get your ISMS up and running. Each step is marked complete automatically as you progress.
You do not have to complete these steps in order, but the sequence below is recommended for the smoothest experience.
Step 1: Subscribe to a Plan
Navigate to Settings > Billing and choose the plan that fits your organisation. You can toggle between monthly and annual billing — annual plans save you two months.
- Starter ($299/mo) — up to 10 users, all 8 ISMS modules, Slack and Teams notifications, API keys, CSV export.
- Pro ($599/mo) — up to 25 users, everything in Starter plus AU Compliance Hub, Jira, GitHub, enterprise SSO (SAML/OIDC), and SCIM directory sync.
- Business ($999/mo) — up to 50 users, everything in Pro plus custom integrations, priority support, and dedicated onboarding.
- Enterprise — custom pricing for larger organisations with unlimited users, SLAs, and custom deployment.
Your subscription activates immediately, and all ISMS modules are unlocked once your plan is active.
Step 2: Enable Multi-Factor Authentication
Protecting your ISMS data starts with securing access to the platform itself. Navigate to Settings > Security and enable TOTP-based multi-factor authentication.
- Scan the QR code with your authenticator app (Google Authenticator, Authy, 1Password, or similar).
- Enter the six-digit code from your app to verify the setup.
- Save your backup codes in a secure location. These are your recovery mechanism if you lose access to your authenticator app.
Once enabled, you will be prompted for a TOTP code on every login. We strongly recommend that all team members enable MFA as well.
Step 3: Invite Your Team
Go to Settings > Members and click Invite Member. Enter your colleague's email address and assign a role. They will receive an invitation email with a link to join your organisation.
Start by inviting key stakeholders — your IT security lead, risk manager, and anyone who will be contributing to policies or evidence collection. You can always adjust roles later.
Step 4: Initialise the Statement of Applicability
The Statement of Applicability (SoA) is the cornerstone of your ISMS. Navigate to the SoA module and click the Initialise 93 Controls button. This populates all 93 Annex A controls from ISO 27001:2022 with sensible defaults.
Each control is set to Applicable and Not Implemented by default. You can then work through each category — Organisational, People, Physical, and Technological — to tailor applicability and record your implementation status and justifications.
Step 5: Create Your First Risk
Navigate to the Risk Register and click Create Risk. Describe the risk, assign a likelihood and consequence score, choose a treatment option, and assign an owner.
The risk heat map on your dashboard will begin to populate, giving you a visual overview of your organisation's risk profile. As you identify more risks, you will build a comprehensive picture that informs your control selection in the SoA.