PICMS was born inside a working UK ISO consultancy. Every feature exists because a real client needed it — and the tools we had weren't cutting it.
PICMS started as a frustration. Training Assurance Consultancy (TAC) had been helping UK SMEs hit ISO 9001, 14001, 45001 and 27001 certification for years — and the same pattern kept repeating itself. A client would engage us, we'd audit their management system, and we'd find the same three things every single time:
Evidence scattered across seven different tools. A compliance calendar sitting in one person's head. And a legal register that hadn't been updated since the last ISO surveillance visit.
The off-the-shelf compliance platforms we tried either priced SMEs out (£800/month minimums, enterprise SaaS pricing), or they were glorified document repositories — no AI, no cross-module linking, no way to see the thread between a risk, a procedure, and the incident that proved the procedure worked.
So we built the tool we wished existed. PICMS — Proactive Intelligent Compliance Management System.
The principles that shape every feature we ship.
A risk links to a control. The control cites a procedure. The procedure is proved by an incident report. Without that thread, compliance is just paperwork. Our Golden Thread system enforces it.
A 12-person drilling firm in Aberdeen faces the same DWR 1997 obligations as BP. We price for real UK SMEs — from £59/month for industry-specific starters, not £800/month enterprise seats.
Our AI drafts your RAMS, flags your gaps, and pre-fills your CAPAs — but it never signs off. Every AI output has a human review step. Your certification body sees the decisions you made.
Every record exports to PDF, CSV, or ISO-audit bundle. If you leave PICMS, you walk out with everything — not a lock-in schema we invented.
Data in AWS London. HSE, ICO, CQC, and UK legislation references baked in. UK GDPR and DPA 2018 as the baseline, not a regional toggle. Built in the UK, for the UK, by UK compliance professionals.
We publish our own ISO 27001 journey on the Trust & Security page — warts and all. We don't claim certifications we haven't earned. We eat our own dog food: PICMS's management system is managed inside PICMS.
No vanity numbers. Just the state of the platform, April 2026.
Small team. Real-world compliance background. UK-based.
Lead auditor and ISO consultant. Started TAC in the UK helping SMEs achieve ISO 9001, 14001, 45001 and 27001 certification. Built PICMS after watching the same evidence-management problems repeat across every client engagement.
PICMS is delivered by a blended team of compliance consultants, UK-based engineers, and AI specialists. Product decisions are made by people who've actually sat across the desk from an HSE inspector.
We're shipping weekly. The roadmap through 2026 includes formal Cyber Essentials certification (Q2), ISO 27001 certification (Q4), expanded industry packs for manufacturing and food production, and deeper consultant white-label tooling. We publish progress on the Trust & Security page.
If you're a UK SME juggling compliance — or a consultancy managing a portfolio of clients — we'd like to hear from you. Every feature request from a paying customer goes on the roadmap.
No credit card. Full access to the platform. Keep your data if you leave.