What's New — Week of 25 May 2026

Introducing Standards

This week we're launching Standards, a new way to adopt recognised compliance frameworks like ISO 9001 and ISO 27001 and track your compliance against the work you're already doing in CalmCompliance.

One place for your frameworks

Until now, proving you meet a standard like ISO 9001 meant maintaining a spreadsheet alongside everything else, manually cross-referencing it against the documents, risk assessments and processes living in CalmCompliance. Standards brings all of that into the product itself.

You browse a library of recognised standards, adopt one at a site, and track your live compliance from a single dashboard. Adopting a standard walks you through a short setup: you answer a few questions about your site (whether you develop software, own physical premises, handle personal data, and so on) and the requirements that don't apply are left out automatically. From there you configure each requirement, assign the people responsible, and link the evidence that proves you're meeting it.

Standards requirements list with assignees and compliance status

Once you activate the standard, a RAG dashboard shows where you stand at a glance, surfaces the gaps that still need attention, and rolls everything up into an overall compliance score. As your underlying documents and assessments change, your compliance picture updates with them.

Standards RAG compliance dashboard with overall score and gaps

Evidence drawn from the work you already do

Each requirement is satisfied with evidence in whichever way suits your site. Link a document you've distributed, upload a file, or record a manual confirmation, and the requirement is met either way. The evidence isn't limited to policies and paperwork, either: it can be drawn from the operational work already running across your site, including recurring schedules of checks and planned maintenance, so meeting a standard becomes a by-product of doing the work rather than a separate exercise.

Linking evidence to a standard requirement

Launching with ISO 9001 and ISO 27001, with room to define your own

We've launched with two of the most widely adopted standards. ISO 9001:2015 covers quality management, and ISO/IEC 27001:2022 covers information security, complete with all 93 Annex A controls. Both are kept up to date with their latest amendments, including the new climate action wording added to ISO 9001 in 2024.

These two are just a starting point. You aren't limited to the standards we ship: you can define your own, building out the requirements and evidence that matter to your organisation and tracking them with the same dashboard and compliance scoring. Whether it's a recognised international standard or an internal framework of your own, it works the same way.

Also this week

Search now matches on tag names, so typing a tag into the search box on any list will find everything carrying that tag, not just items with it in the title. We've also moved category and tag filters out of the sidebar and into the main filter bar on the Documents, Forms and Assets pages, making them easier to find.

Approval templates and review policies can now be archived rather than only deleted. Once a template or policy has been used somewhere, you can retire it without breaking the historical record, and archived items no longer clutter the dropdowns when you're setting up something new.