← All kits
For teams standing up governance for SOC 2, ISO or a raise · Internal policies

The policy backbone your company runs on.

An auditor or investor asks for your policy set — and you’ve got a folder of half-finished Google Docs.

Thirteen board-ready policies — governance, security, data protection, AI use, IP, confidentiality and trade compliance — the canonical rulebook your AI Act, GDPR, IP and contract toolkits all plug into, with a register to prove rollout.

NEW · JULY 2026v1.1 — Policies at a Glance: every policy in plain English, plus the acknowledgement sheet.

✓ 14-day money-back guarantee. one-off €690 · instant download · fully editable · single-business licence

What’s inside

Everything you deploy, in one download.

Editable source files — not locked PDFs. Built to a single standard and cross-referenced where it counts.

13 board-ready policies1 rollout playbook1 gap-check tool1 Excel register

Guide & tools

  • Rollout Playbook — ISO 27001 & SOC 2 mapped
  • Internal Policies Gap-Check tool

Working file (Excel)

  • 13-policy Register & Adoption Tracker

The thirteen policies

  • Governance & conduct
  • Information security
  • Acceptable use
  • Access control
  • Data retention
  • Incident response
  • Data protection & privacy
  • AI use
  • IP & trademarks
  • Confidentiality
  • Trade compliance
  • Anti-bribery
  • Whistleblowing
Proof, not promises

See the quality before you pay.

No unknown-brand leap of faith. Try the free tool first — the paid kit is the same standard, deployable.

free · no sign-up

Don’t take our word for it — try the thinking.

The free Internal Policies Gap-Check runs on the same senior expertise that built this kit — a live read of your own position, not a teaser. If the free tool is this sharp, you can see what the paid kit is.

Run the free Internal Policies Gap-Check →

A real sample page of the kit documents is available on request.

Thirteen board-ready policies for less than an afternoon of consulting.

Governance, security, data protection, AI use, IP, confidentiality — the canonical set, citation-backed, consistent across all thirteen, and mapped to ISO 27001 and SOC 2. €690.

Why you can rely on it
EXPERT
BUILT

Built and field-tested by a senior compliance and contracts practitioner with 15 years across contracts, GDPR, IP and the EU AI Act — 10,000+ contracts and corporate documents reviewed, both sides of M&A, and a recent USD 40M+ software exit, expertly managed. Not generated and abandoned — engineered, then proven.

Cited to source · version-dated · current as of July 2026

Want the set installed and rolled out for you? See the Internal Policies Review.

See the assessment
The policy menu

Wherever you are with your policies, here’s what fits.

Pick the one that matches where you are — each stands alone, buy in any order or on its own. Your team does the work with our templates; that’s why this costs a fraction of a consultancy.

Check yourself — free
Internal Policies Gap-CheckScores your policy pack and points to the fix, free.Open ›
Get assessed
Internal Policies Review · €2,500Up to 15 policies reviewed, 5 marked up, ISO/SOC 2 mapped.Open ›
Get the documentsyou’re here
Internal Policies Pack · €690Thirteen board-ready policies, register and rollout playbook.On this page
Get it done, keep it current
Fractional · Founder on CallOngoing upkeep, or a policy-set briefing call.Open ›
Questions

Before you buy.

Can’t I generate these myself?

You can generate something. Whether it’s coherent, citation-backed, consistent across thirteen documents and defensible to an auditor is another matter. The pack is the canonical set, mapped to ISO 27001 and SOC 2, with a register to prove rollout.

Will this satisfy a SOC 2 or ISO auditor?

The set is mapped to ISO 27001 and SOC 2, and the adoption tracker is built to evidence that each policy was approved and rolled out — which is what auditors actually test.

Can I edit everything?

Yes — working Word and Excel files. Drop in your company name and approvers and they’re board-ready.

Isn’t this just legal advice in a box?

No — it’s a set of expert-built template documents and guidance you deploy yourself, not legal advice and not a review of your business. The documents are drafted to market-standard positions for a typical software company and are yours to adapt. Buying them creates no lawyer–client relationship or privilege, and Xprofesso LLC is not a law firm.

What you’re buying: deployable, editable source documents — the governance, security and HR policy set procurement asks for — plus guidance to implement them, built by a senior practitioner.

What it isn’t: a check of your specific setup, confirmation the documents are sufficient for your facts or jurisdiction, or an opinion on enforceability. Want your actual policy stack checked? That’s the Policies Assessment. Need a formal opinion or a filing? That’s a licensed lawyer.

Turn the folder of drafts into a real rulebook.

€690, one-off. Instant download, fully editable, backed by a 14-day money-back guarantee.