Tell us about your situation. We'll confirm which frameworks apply, what your compliance gaps look like, and what it would cost to manage them ongoing.
Get in touch
We respond to all enquiries within one business day.
WA-based. We work with clients across WA and nationally for Defence supply chain engagements.
What to expect on the discovery call
We confirm which frameworks actually apply to your organisation
We give you an honest assessment of your current compliance posture
We explain what a managed service engagement looks like for your situation
We provide indicative pricing before you commit to anything
No hard sell — if we're not the right fit, we'll tell you
Common questions
Before you reach out
How long does the readiness assessment take?
Typically 2–3 weeks from engagement start to final report. We scope it tightly before we begin so there are no timeline surprises. The output is a maturity scorecard, gap analysis, and prioritised remediation roadmap.
Do I have to commit to an ongoing retainer?
No. We start with a fixed-fee readiness assessment. The CMaaS retainer only begins if you choose to proceed after seeing the assessment results. There's no obligation to continue after the assessment.
What if I only need one framework?
Absolutely fine. Many clients start with a single framework — typically Essential Eight or Privacy Act — and add frameworks as their obligations grow. Bundle pricing applies automatically when you do.
We're in early stages. Are we too small?
We work with organisations from 20 staff upward. If you have a compliance obligation — a contract questionnaire, a DISP application, or a school with student data — you're not too small. The fixed monthly fee is structured to scale to your situation.
Do you work with organisations outside Perth?
Our primary focus is WA-based organisations. For Defence supply chain engagements, we work nationally. All client work is managed by our Perth-based team — no offshore handoffs.
What does the monthly retainer include?
Evidence collection and maintenance, control monitoring, policy updates, regulatory change management, and audit readiness preparation. You have a named point of contact and a monthly status report. We manage the compliance — you run your business.