Overview
Matproof generates a complete policy library pre-mapped to your compliance frameworks. Policies are bilingual (German and English), version-controlled, and ready for your review.Included policies
| Policy | Frameworks covered |
|---|---|
| Information Security Policy | ISO 27001, SOC 2, DORA, NIS2 |
| Acceptable Use Policy | ISO 27001, SOC 2 |
| Access Control Policy | ISO 27001, SOC 2, DORA |
| Incident Response Plan | ISO 27001, SOC 2, DORA, NIS2 |
| Business Continuity Plan | ISO 27001, DORA |
| Disaster Recovery Plan | ISO 27001, DORA |
| Data Protection Policy | GDPR, ISO 27001 |
| Vendor Management Policy | ISO 27001, DORA, GDPR |
| Change Management Policy | ISO 27001, SOC 2, DORA |
| Risk Management Policy | ISO 27001, SOC 2 |
| Cryptography Policy | ISO 27001 |
| Physical Security Policy | ISO 27001 |
| Sustainability Policy | CSRD/ESRS |
| Supply Chain ESG Policy | CSRD/ESRS |
Generating policies
- Go to Policies → Generate
- Matproof creates a draft based on your company information and selected frameworks
- Review each policy in the editor
- Customize where needed
- Publish — policies are now linked to relevant controls as evidence
Policy editor
The editor supports:- Rich text formatting
- Version history
- Comments and review workflow
- Bilingual editing (toggle between DE and EN)
- AI-assisted drafting (click to expand a section with AI suggestions)
Publishing and acknowledgements
When you publish a policy:- All team members with the relevant role are notified
- They can acknowledge reading the policy in the platform
- Acknowledgement rate is tracked and available as evidence
Some frameworks (e.g., ISO 27001) require documented evidence of employee awareness. Matproof’s acknowledgement tracking serves as this evidence.
Version control
Matproof keeps a full version history of every policy. When you update a policy:- Previous version is archived (never deleted)
- Change log entry is created automatically
- Affected team members are notified of the update
- Re-acknowledgement can be required