Pricing

Price Model

Transparent: base price per organisation plus user-based licences — expandable with expert analysis and workshops.

MonthYear

Modules

Cyber-Security Basic Check

0 CHF / per Month

Cyber-Security Basis Check Basis Pack

Start

Measures for Cyber-Security Basic Check

85 CHF / per Month

Enable Measures-Board for Basis Check

Activate

AI Governance Check

155 CHF / per Month

AI Governance along ISO/IEC 42001 & EU AI Act

Activate

Data Protection & Compliance Check

175 CHF / per Month

GDPR & revFADP Question Module

Activate

ICS - Internal Control System

145 CHF / per Month

ICS – Dynamic Question Module

Activate

ICT - Minimal Standard

155 CHF / per Month

ICT Minimal Standard along NIST 1.4

Activate
ISO

ISO/IEC 27001

165 CHF / per Month

ISO/IEC 27001:2022 Questionnaire

Activate

NIST CSF 2.0

145 CHF / per Month

NIST Cybersecurity Framework (CSF) 2.0

Activate

Risk module

115 CHF / per Month

Risk Catalog along BSI standards

Activate

Add-ons

+1 Additional User

9 CHF / per Month
Add

+5 Additional Users

19 CHF / per Month
Add

Side-by-side

How does SCMC compare to other GRC tools?

Swiss data residency, native coverage of the Swiss ICT Minimum Standard and revFADP, native German UI, lower entry price — the key differences at a glance.

FeatureSCMCVantaDrataExcel-ISMS
Data residency🇨🇭 Switzerland exclusive (AWS Zurich, eu-central-2)US (default), EU-Frankfurt opt-inUS (AWS us-east)on-premise
Swiss ICT Minimum Standard✅ Native, structured by NIST functions❌ not native (manual NIST mapping)❌ not native (manual NIST mapping)manual
revFADP (Swiss data protection)✅ Combined with GDPR, 107 controls, 3 scope templatesGDPR module onlyGDPR module onlymanual
Platform languageGerman + English (native)English onlyEnglish onlyany
Entry price (public)From CHF 145/monthFrom USD ~10,000/year (Core plan)From USD ~7,500/year (Foundation, ≤50 employees)0 (self-built)
Free tier to try out✅ Basic Cyber-Security Check (10 areas, 39 controls)❌ free demo only❌ free demo only
ISO/IEC 27001:2022✅ all 93 Annex A controlsmanual
NIST CSF 2.0 (with Govern)✅ all 6 functions✅ (CSF 1.1 + 2.0)✅ (CSF 1.1 + 2.0)manual
EU AI Act / ISO 42001✅ 102 controls, 10 domains✅ (dedicated module)✅ (dedicated module)
Audit-ready export✅ Maturity, gap analysis, evidencemanual
Versioned assessment cycles✅ Traceable history

As of April 2026. Competitor data is based on publicly available sources (vendor websites, pricing pages from Vendr/G2/Capterra, help centers) and may change — pricing in particular is not always publicly published. Verify current pricing and feature lists directly with the vendors. SCMC makes no claim of completeness or legally binding statements about competitors.