Skip to content
Cognita is coming soon

Purpose-built risk AI. Trusted where it matters most.

Get ready to meet Cognita by Protecht. Your intelligent AI assistant for risk and compliance. Backed by the trust Protecht has earned with businesses, regulators and central banks worldwide, Cognita identifies critical gaps, guides users in real time, and automates admin so you can focus on decisions, not distractions.

Register for updates

With Cognita, Protecht is transforming risk and compliance into an AI-powered discipline: a world where intelligent automation doesn’t just analyse data, but actively strengthens decisions, safeguards your organisation, and keeps you ahead of evolving risks.

Coming soon. AI smart enough to help, safe enough to trust.

Cognita combines deep risk expertise with proven AI safety to deliver intelligent automation you can actually trust: built to enhance decision-making, not disrupt it.

  • Risk expert-led: Not generic AI but designed by risk professionals, trained on trusted, authoritative content

  • Safe and transparent: Results you can verify, with guardrails for accuracy and control

  • Purpose-built for GRC: Not ‘tech for tech’s sake’, but real solutions that improve risk culture, engagement and decision-making .

Discover Cognita's AI features.

Don’t let a missed incident become a headline.

Cognita guides users to capture complete incident data, find duplicates, and surface insights to prevent recurrence by acting on lessons learnt.

  • Natural language guidance helping users log incidents quickly and accurately

  • AI-supported incident review and actioning for faster resolution

  • Trend analysis to identify and address root causes and ineffective controls

You set the standard. Cognita helps your team meet it.

Cognita acts as your extended coaching bench, prompting users with just-in-time guidance and freeing your team to focus on bigger-picture risk leadership.

  • Embedded guidance on risk and compliance concepts

  • Intuitive step-by-step navigation through forms for task completion

  • Trained on Protecht’s extensive library of expert-led risk training, industry frameworks and thought leadership

  • Curated, context-aware advice from leading risk professionals to help every user act with confidence, consistency and compliance

AI roadmap.
Planned Cognita features.

Agentic automation

Agentic AI to automate tasks and workflows in areas such as vendor risk management and business continuity management

Integrated with email and chat tools to bring AI-powered actions into daily work

Richer insights

Unlock more action-oriented insights through advanced analytics and trend analysis

Regulatory intelligence

Transform regulatory and compliance content into clear requirements, obligations and controls

Detect emerging compliance changes and convert them into actionable tasks

Register your interest for updates

Sign up to our knowledge hub and we'll send you exclusive insights into our upcoming AI features.

Register for updates

Preconfigured content - for a turnkey launch

Optimise your risk management at the click of a button. Set up and maintain your ERM system with Marketplace: preconfigured registers, dashboards and reports.

Popular register packages for IT risk management

ISMS Control Library – ISO 27001

Provides a Control Library in line with the ISO/IEC 27001:2022 standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria, NIST CSF and APRA CPS234, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – NIST CSF v1.1

Provides a Control Library in line with the NIST CSF control framework. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria and ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – NIST CSF v2

This package provides a NIST CSF 2.0 Control Library in line with the NIST CSF v2 control framework released in Feb 2024. These controls can be downloaded into the central library and tailored specifically to your organisation. Protecht has also provided a mapping to other common ISMS industry standards/frameworks like SOC 2 Trust Services Criteria and ISO 27001.

ISMS Control Library – SOC2 POF & TSC

Provides a Control Library in line with the SOC 2 criteria. The SOC 2 POF (Point of Focus) control library has been designed by Protecht as suggested controls to comply with the SOC 2 TSC (Trust Services Criteria) requirements. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in NIST CSF and ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – APRA 234

Provides a Control Library in line with the APRA CPS 234 prudential standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Registers and Dashboards

Streamlines data capture and reporting to help organisations manage:

  • Controls, statements of applicability and assurance activities

  • Conducting and overseeing IT risk assessments

  • Asset and application risks and health assessments

  • Cataloguing, reviewing and approving policies, policy exceptions and documents

  • Minimising disruption from incidents

  • Visibility of ISMS actions

  • Capturing of exceptions with the policy and documents register

  • Generating risk reports for risk events and ISMS risk entries of interest

ISMS - Security Calendar

Systematically capture and track important security events such as penetration test due dates, cryptographic key renewals, and audits. The ISMS Security Calendar register and dashboard allow you to:

  • Assign ownership and due dates to key events

  • Report on status of events and their completion

  • Provide a centralised repository of important security events

CISO Dashboard

Presents key information from the ISMS registers providing an overview of:

  • IT controls

  • IT risks and drilldown details

  • IT assets and their status

  • IT policies and policy exceptions

  • Helps the user to report on the IT risk posture of the organisation and inform decisions regarding cybersecurity and ISMS strategy.

Find out more about AI and risk management

Thought leadership and product demonstration webinars

Thought leadership webinar

Governing AI in a new era: Navigating risk, regulation and responsibility.

Thought leadership webinar

AI risk controls: Is your AI under control or running wild?

Thought leadership webinar

The AI revolution is here. Are you ready to manage the risks?

Frequently asked questions about AI in governance, risk and compliance (GRC):

“AI” refers to the simulation of human intelligence in machines. In GRC (Governance, Risk, and Compliance), AI is increasingly used to automate compliance processes, enhance risk assessments, and provide actionable insights.

Many technologies fall under the “AI” umbrella. Artificial Intelligence (AI) is the broadest term and refers to machines designed to mimic human intelligence. This includes tasks like problem-solving, learning, and decision-making. Examples of AI include virtual assistants like Siri and Alexa.

Machine Learning (ML) is a subset of AI that involves training algorithms to learn from data and make predictions or decisions without being explicitly programmed for each task. For instance, ML is used in recommendation systems like Netflix's.

Large Language Models (LLMs) are a type of deep learning model designed to understand and generate human language. They are trained on vast amounts of text data and can perform tasks like translation, summarisation, and conversation. Examples include GPT-3 and Claude.

Non-Generative AI focuses on analysing and classifying existing data rather than creating new content. It excels in tasks like pattern recognition, prediction, and classification.

Generative AI (Gen-AI) is a subset of artificial intelligence that uses generative models to create new content such as text, images, videos, audio, or software code based on input prompts. These models learn patterns and structures from large datasets and use this information to generate original content. Examples of generative AI tools include chatbots like ChatGPT, text-to-image models like DALL·E, and text-to-video models.

AI can analyse vast amounts of data in real-time, identify patterns such as finding route causes, and automate routine tasks such as logging incidents, thereby reducing manual effort and increasing accuracy.

Benefits include improved accuracy in risk assessments, reduced manual effort, enhanced compliance monitoring, and better decision-making capabilities.
AI can reduce costs associated with manual compliance processes, minimise risks, and improve overall efficiency, leading to significant cost savings and better resource allocation. AI can also help with better and faster data capture and analysis, which means businesses can make better and more timely decisions, helping them avoid or minimise risks and associated financial losses.