Security & compliance
engineered by a CISSP.
Ready-made documentation, policies, evidence builders, and assessment frameworks - built by a CISSP / CISM with active DoD ISSM experience. Instant download, no seats, no subscription.
The flagship kits
Deepest toolkits with the broadest coverage. Designed to close enterprise deals, pass audits, or ship a production AI voice agent.
SOC 2 for AI Startups
The only SOC 2 prep kit built for AI companies. 12 AI-specific controls, readiness assessment, policies, evidence mapping, and auditor interview prep.
View DetailsVoice AI Agent Deployment Kit
Deploy a production-ready AI voice agent in under 30 minutes. TypeScript server, 5 industry templates, Docker deployment. Complete source code.
View DetailsFractional CISO Engagement Kit
Templates for vCISOs serving AI startups: engagement proposal, monthly report, board briefing, 12-month roadmap, and maturity assessment. Multi-client license.
View DetailsSecurity Questionnaire Response Kit
330+ pre-drafted answers for SIG, CAIQ, and enterprise security questionnaires. Evidence mapping, trust center templates, and response SOP.
View DetailsCMMC 2.0 Evidence Builder
Every NIST 800-171 control with implementation statements, SPRS scoring, 14 policy templates, POA&M tracker, and assessment prep. 44 documents.
View DetailsFocused toolkits
Single-purpose bundles for governance, compliance, and enablement. Deploy the policy, use the template, move on.
AI Compliance Toolkit
74-item compliance self-assessment covering HIPAA, EU AI Act, FTC/TCPA, and legal ethics. Remediation checklists, staff training outline, and policy templates.
View Details → Governance $197AI Governance Policy Bundle
8 ready-to-deploy AI governance policies: Acceptable Use, Vendor Risk, Data Classification, Incident Response, and more. Professional Word documents.
View Details → Deployment $197AI Employee Rollout Kit
Complete playbook for rolling out ChatGPT Enterprise, Copilot, or Claude. 4-phase plan, shadow AI detection, ROI tracking, training quiz, and internal comms.
View Details → Incident Response $197Incident Disclosure Readiness Kit
Filing-ready disclosure templates for SEC, NIS2, DORA, HIPAA, and state breach laws. 3 tabletop scenarios and evidence chain of custody.
View Details → Privacy $197GDPR AI Compliance Kit
DPIA template for AI processing, Article 22 assessment, EU AI Act risk classification guide, cross-border transfer guide, and 20-item compliance checklist.
View Details → Vendor Risk $147AI Vendor Security Assessment Kit
60-question scored assessment for evaluating AI vendors. Comparison matrix, DPA checklist, and pre-researched profiles for 7 major providers.
View Details →Quick-reference checklists
Short, high-density references for teams that already know the work but want a structured checklist.
- Architecture AI Architecture Review Checklist 100 specific security checks across 10 categories: data flow, tenant isolation, prompt injection, output validation, logging, and compliance. Score yourself. $97
- Hiring AI Startup Security Hiring Kit Job description, 20 interview questions (including AI-specific), weighted evaluation rubric, and red flag guide for hiring your first security person. $97
Free downloads & merch
Instant downloads. No email gate, no upsell. Take what's useful.
Bundles
Save when you buy multiple products together.
AI Startup Essentials
SOC 2 for AI Startups + AI Governance Policy Bundle + Architecture Review Checklist. Everything a seed/Series A AI startup needs to look enterprise-ready.
Enterprise Sales Ready
SOC 2 + Security Questionnaire Kit + AI Vendor Assessment Kit. Close enterprise deals faster with audit-ready documentation and pre-built questionnaire answers.
Full Compliance Library
Every document, every template, every checklist in the Solas AI catalog. 13 products, 199+ files, 178,000+ words. One purchase.
David A. Moline, CISSP | CISM
Your AI automation, built by someone who secures DoD systems.
Who Built These
Every product is written by a CISSP/CISM-certified security professional who also builds AI systems - voice agents, LLM pipelines, and multi-agent architectures. This combination means the templates reflect both what the auditor needs to see AND how AI systems actually work.