Security Compliance Simplified.

Aberrant’s loosely coupled service neutral approach to managing security and privacy compliance scales better than any other solution in market.

ISM-P For Companies

Important Features

See the Demo

Aberrant’s information security management platform (ISM-P) is designed to link your information security and privacy documentation to controls and automation. Aberrant turns your policies and procedures into a system of record that allows you to manage work and centralize evidence collection.


A Service Neutral Approach

Aberrant’s ISM-P is a service neutral approach to cybersecurity that enables you to leverage your existing policies and procedures as the source of truth for your security program. Aberrant is designed to complement your existing security stack and can integrate with existing systems of record. We’re different from other solutions in the market because we’re not trying to be everything. We’re only opinionated about your ISM policies and procedures.


The System of Record for your ISM Documentation

Your documentation is the logic layer of your security program. Aberrant uses your security policies and procedures (aka your control standard) as a the source of truth of your security program. Logic is linked to controls and automation. Using Aberrant you can map controls to documentation, and documentation to actual instances of operational tasks. Aberrant support end to end tracing of every action in the system. Using Aberrant it’s possible to trace any action back to the control that underlies it. Aberrant ISM-P is unique in that it unifes your system by tying everything back to your control standard.


The most flexible solution in market

Aberrant provides the most flexible solution in market for businesses that are looking to implement a security program.


  • We support all security standards and privacy frameworks.
  • You can work with any implementation partner or MSSP you choose. Our product is decoupled from any service.
  • Our platform transforms your pre-existing ISM documentation into a source of truth for your security program. Aberrant’s proprietary document graph allows you to link documentation to controls, transforming your ISM documentation into a system of record for your cybersecurity program. If you don’t have ISM documentation you can use our Open-ISM instead, Aberrant system is designed to be agnostic.
  • Aberrant’s platform is containerized so it supports any deployment use case.
  • Aberrant incorporates an unopinionated design which enables it to integrate with pre-existing security infrastructure. This enables us to work in complex security environments, or at small companies. Our system is designed to scale as you grow.

Find an implementation partner

Find an implementation partner that can help you set up and operationalize your ISM-P.


Support for all security and privacy frameworks, including custom controls
Leverages policies and procedures as the 'system-of-record' for your cybersecurity program
Automatic versioning of documents
Document workflow for review and approval of documentation
A rich RBAC model that enables remote work
Task automation and automatic evidence collection linked to policies and procedures
Dynamic risk assessment
An un-opionionated architecture that enables integration with other systems-of-record
Support for programatic integration, APIs, etc.
SSO support via Auth0
Support for on-prem or dedicated cloud deployments
Internationalization support

Have Questions?

Getting started is easy. Contact us or contact one of our implementation partners.

Copyright © 2022 Aberrant - All Rights Reserved.