Pricing scales with firm size because the FTC Safeguards Rule does. Every plan ships your WISP, risk decisions, and audit trail on day one.
The Safeguards Rule has different requirements at different firm sizes. Pick by headcount, not by feature list.
Under 5,000 records, you're not required to have a written IRP, a designated QI, or board reporting. You do need a WISP, a risk assessment, and training records. That's what Starter ships.
$99/mo · 5 team seats
Once you cross 5,000 records, the Safeguards Rule expects a written IRP, a designated QI, and annual reporting. Professional ships those plus the 58-control register, evidence testing, M365 sync, and the Insurance Gap Assistant.
$249/mo · 15 team seats · Most common for firms handling insurance renewals
At 26+ employees, you typically have multiple partners, multiple offices, a dedicated QI, and board-level visibility. Premium ships unlimited seats, QI dashboard, board reporting, vendor assessment, and unlimited Insurance Gap Assistant questions.
$499/mo · Unlimited seats
Not sure? Pick the next size up. You can downgrade at renewal if you don't use the extra modules.
| Approach | Cost | Time | Compliance OK? |
|---|---|---|---|
| DIY / Spreadsheets | Free | 20+ hours | ⚠️ Gaps likely |
| Hire a Consultant | $3,000–$15,000 | Weeks | ⚠️ Stale in months |
| Ongoing vCISO / MSP | $2,000–$4,500/mo | Ongoing | |
| Kompflow | From $99/mo | Under a day | |
| Kompflow + vCISO | From $99/mo + advisor | Under a day | |
MSPs and vCISOs: we offer annual partnerships with per-client pricing and white-label options. vCISO partnerships · MSP partnerships
1–5 employees · Under 5,000 records
Billed annually at $1,188/year
5 team seats
6–25 employees
Billed annually at $2,988/year
15 team seats
26+ employees
Billed annually at $5,988/year
Unlimited seats
FTC and IRS regulations require annual reviews of your information security program. Annual billing keeps your compliance coverage uninterrupted year-round, with no gaps and no missed renewals during busy season.
Saved vs. hiring a consultant
Max FTC penalty per violation (avoided)
From setup to compliant IRP
Continuous compliance coverage
Choose based on your employee count. Starter (1–5 employees) covers what smaller firms need: WISP, risk assessment, data inventory, and training. Professional (6–25) adds IRP, task management, the 58-control register, and evidence testing. Premium (26+) adds QI dashboards and board-level reporting. This aligns with the FTC Safeguards Rule, which has different requirements based on firm size.
Yes, you can upgrade at any time. We'll prorate the difference for the remainder of your billing period, so you only pay the difference.
We only offer annual billing to align with FTC and IRS requirements for annual plan reviews. This ensures year-round compliance.
You can cancel anytime. You'll retain access until the end of your billing period and can download all your plans forever.
Because the FTC Safeguards Rule has different requirements based on firm size. Firms with fewer than 5,000 records don't need a written IRP, designated Qualified Individual, or annual board reporting. Starter includes everything smaller firms are required to have. Professional and Premium add the modules that larger firms need to meet their additional compliance obligations.
For firms with 5+ offices or white-label needs, reach out through our contact form at kompflow.com/contact and select 'Premium' as the topic.
No. No setup fees, no hidden costs. Just pick the plan that fits your firm size.
Everything you need to know about Kompflow
Still have questions?
Contact Us →
Select your plan and complete your purchase
Have a promo code? You can apply it at checkout.
Cancel anytime • 30-day money-back guarantee
Secured by Stripe • PCI DSS compliant