Document governance · Compliance · Multi-tenant

Industrialize your documentation.
Prove your compliance.

Corpus Doc is the document management platform for demanding organizations — banking, cybersecurity, healthcare, telecom, public sector, NGOs. Centralize your corpus, align it with your standards (ISO 9001, ISO 27001, GDPR, ITIL, EBIOS RM, NIST, NIS 2) and prove your compliance — in weeks instead of months.

ISO 27001:2022 PSSIE · PPIIC GDPR · NIS 2 On-Premise ready MITRE ATT&CK
The challenge

Documenting a SOC or government IT system remains a puzzle

⚠️
Fragmented documentation
Word, Excel, Confluence, SharePoint — corpora scatter and go stale.
⚠️
Time-consuming audits
Preparing a PSSIE or ISO 27001 audit mobilizes weeks of resources.
⚠️
Moving frameworks
ISO 27001:2022, NIS 2, DORA — maintaining alignment demands constant watch.
⚠️
Dispersed teams
Writers, auditors, steering committees and regulators speak different languages.
Features

A platform designed for cyber teams

Six building blocks covering the full lifecycle of your documentation — from AI-assisted drafting to compliance audits.

🏢
Multi-tenant & sovereign
Shared SaaS or On-Premise deployment in your infrastructure. Multi-branch mode for ministries and groups.
📚
140+ frameworks integrated
ISO 27001/22301/9001, NIST CSF, MITRE ATT&CK, OWASP, CIS, PSSIE, PPIIC, NIS2, GDPR, ANSSI, APDP — automatic alignment.
🎯
Sector templates
5 ready-to-use corpora — State SOC (58 docs), ISO 27001, ISO 9001, GDPR, IT Governance. Customizable.
Built-in Claude AI
Document generation, review, and rewriting assisted by Claude Sonnet 4. 60% time savings.
🛡️
Security by design
Mandatory MFA for admins, SAML/OIDC SSO, AES-256 encryption, immutable audit log, IP allowlist.
🔌
SIEM Integrations
Splunk ES, Elastic Security, Microsoft Sentinel, Keycloak, LDAP/AD, Google Workspace, Entra ID, webhooks, REST API.
Use Cases

For whom, for what

Three typical scenarios where Corpus Doc delivers immediate value — but the platform fits any structured documentation corpus.

🛡️
SOC & CERT
Security Operations Center
CISO · SOC Manager · Analysts
  • Five-level document reference map (POL · PCS · PRO · SOP + PLB · MAT/FRM + RNB)
  • Cartography of 58 SOC documents aligned with ANSSI and MITRE ATT&CK
  • Incident playbooks (malware, ransomware, APT) and Splunk ES runbooks
  • SIEM use cases mapped to MITRE tactics and frameworks
🏛️
PUBLIC SECTOR
Government & Ministries
State IT · ANSSI-like agencies · Government agencies
  • PSSIE, PPIIC (Gouv-01 → Cy-16), NIS 2 transposition compliance
  • Multi-branch mode for ministries with multiple directorates
  • Sovereign On-Premise deployment in your datacenter
  • Integration with national cyber agencies (ANSSI, ASIN, APDP, bjCSIRT)
🏦
CRITICAL INFRASTRUCTURE
Critical institutions
Banks · Microfinance · Critical infra · Health · Energy
  • NIS 2, DORA, Solvency II alignment, sector-specific standards
  • ISO 27001:2022 Annex A controls mapping
  • Automated regulatory reporting (CSV, PDF, Excel)
  • Full traceability for external audits and regulators
They talk about us

What our customers say

Cyber, compliance and IT teams who have industrialized their documentation with Corpus Doc.

"
We cut our ISO 27001 documentation prep from 8 months to 6 weeks. The framework alignment matrix alone is a game changer.
— RSSI
Bank · West Africa
"
The Sovereign On-Premise mode and audit trail were non-negotiable for our regulator. Corpus Doc was the only platform that ticked every box.
— DSI
Public sector · Ministry
"
AI has accelerated our work on drafting a document corpus.
— Responsable SOC
CSIRT · Telecom
Catalog

140+ frameworks — inherited in one click

Each document can be aligned with multiple frameworks. Coverage matrices are generated automatically.

ISO Standards
ISO 27001ISO 27002ISO 27005ISO 22301ISO 9001ISO 15489
NIST & MITRE
NIST CSF 2.0NIST SP 800-53MITRE ATT&CKMITRE D3FENDMITRE ATLAS
OWASP/CIS Security
OWASP Top 10OWASP ASVSOWASP SAMMCIS Controls v8CIS Benchmarks
EU & International
GDPRNIS 2DORAeIDASTrusted IntroducerFIRST SIM3
France & Francophone
PSSIEANSSIPPIICAPDPbjCSIRTSecNumCloud
SIEM & Vendors
Splunk ESElasticSentinelQRadarIBM GuardiumCrowdStrike
FAQ

Frequently asked questions

Can Corpus Doc be deployed On-Premise?
Yes. The Sovereign plan allows full deployment in your own infrastructure (VMware, OpenStack, Kubernetes), with no public cloud dependency. Claude AI can be replaced with a locally-hosted LLM.
Which frameworks are supported out of the box?
Over 140 frameworks are cataloged — ISO (27001/22301/9001/15489), NIST CSF/SP 800-53, MITRE ATT&CK/D3FEND/ATLAS, OWASP (Top 10, ASVS, SAMM), CIS Controls v8 and Benchmarks, NIS 2, DORA, GDPR, PSSIE, PPIIC (Gouv-01→Cy-16), ANSSI, APDP, bjCSIRT, Trusted Introducer, FIRST SIM3, Uptime Institute Tier, plus 77 commercial vendors and 36 open-source tools.
How does Claude AI work inside the platform?
Claude Sonnet 4 assists with drafting, review, and rewriting of documents. It can generate a draft from a simple use case fiche, suggest structural improvements, or verify alignment between a document and a framework. All exchanges are logged in the audit trail.
Is Corpus Doc GDPR compliant?
Yes. Data is hosted in the EU by default (Starter and Pro plans), or in your own infrastructure (Sovereign plan). Immutable audit log, right to erasure, data export at any time, AES-256 at rest and TLS 1.3 in transit.
How long does it take to set up a SOC corpus?
With the State SOC template (58 preconfigured documents), an initial corpus is operational in 2 to 4 weeks — versus 6 to 12 months with traditional approaches. Claude AI generates first drafts that your teams review and adapt.
Can we migrate from Confluence, SharePoint or a file share?
Yes. The onboarding team (Sovereign plan) handles migration via API or structured CSV/Word imports. Existing documents keep their history and are automatically mapped to a framework.
What are Corpus Doc's certifications?
Corpus Doc aligns with ISO 27001:2022, GDPR and PSSIE. Formal certifications (SecNumCloud, HDS) are in progress for the Sovereign France plan. Compliance audits can be shared under NDA on request.
What support is included?
Starter: community support. Pro: 8×5 support with 4-business-hour SLA. Sovereign: 24/7/365 support with 1-hour SLA, dedicated engineer, and quarterly governance review.

Ready to industrialize
your documentation?

Start for free or request a personalized demo with a cybersecurity engineer. No credit card required.