Skip to content

Featured Search

Cognita is coming soon

Purpose-built risk AI. Trusted where it matters most.

Get ready to meet Cognita by Protecht. Your intelligent AI assistant for risk and compliance. Backed by the trust Protecht has earned with businesses, regulators and central banks worldwide, Cognita identifies critical gaps, guides users in real time, and automates admin so you can focus on decisions, not distractions.

Register for updates

With Cognita, Protecht is transforming risk and compliance into an AI-powered discipline: a world where intelligent automation doesn’t just analyse data, but actively strengthens decisions, safeguards your organisation, and keeps you ahead of evolving risks.

Coming soon. AI smart enough to help, safe enough to trust.

Cognita combines deep risk expertise with proven AI safety to deliver intelligent automation you can actually trust: built to enhance decision-making, not disrupt it.

  • Risk expert-led: Not generic AI but designed by risk professionals, trained on trusted, authoritative content

  • Safe and transparent: Results you can verify, with guardrails for accuracy and control

  • Purpose-built for GRC: Not ‘tech for tech’s sake’, but real solutions that improve risk culture, engagement and decision-making .

Discover Cognita's AI features.

Don’t let a missed incident become a headline.

Cognita guides users to capture complete incident data, find duplicates, and surface insights to prevent recurrence by acting on lessons learnt.

  • Natural language guidance helping users log incidents quickly and accurately

  • AI-supported incident review and actioning for faster resolution

  • Trend analysis to identify and address root causes and ineffective controls

You set the standard. Cognita helps your team meet it.

Cognita acts as your extended coaching bench, prompting users with just-in-time guidance and freeing your team to focus on bigger-picture risk leadership.

  • Embedded guidance on risk and compliance concepts

  • Intuitive step-by-step navigation through forms for task completion

  • Trained on Protecht’s extensive library of expert-led risk training, industry frameworks and thought leadership

  • Curated, context-aware advice from leading risk professionals to help every user act with confidence, consistency and compliance

AI roadmap.
Planned Cognita features.

Agentic automation

Agentic AI to automate tasks and workflows in areas such as vendor risk management and business continuity management

Integrated with email and chat tools to bring AI-powered actions into daily work

Richer insights

Unlock more action-oriented insights through advanced analytics and trend analysis

Regulatory intelligence

Transform regulatory and compliance content into clear requirements, obligations and controls

Detect emerging compliance changes and convert them into actionable tasks

Register your interest for updates

Sign up to our knowledge hub and we'll send you exclusive insights into our upcoming AI features.

Register for updates

Preconfigured content - for a turnkey launch

Optimise your risk management at the click of a button. Set up and maintain your ERM system with Marketplace: preconfigured registers, dashboards and reports.

Popular register packages for IT risk management

ISMS Control Library – ISO 27001

Provides a Control Library in line with the ISO/IEC 27001:2022 standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria, NIST CSF and APRA CPS234, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – NIST CSF v1.1

Provides a Control Library in line with the NIST CSF control framework. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria and ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – NIST CSF v2

This package provides a NIST CSF 2.0 Control Library in line with the NIST CSF v2 control framework released in Feb 2024. These controls can be downloaded into the central library and tailored specifically to your organisation. Protecht has also provided a mapping to other common ISMS industry standards/frameworks like SOC 2 Trust Services Criteria and ISO 27001.

ISMS Control Library – SOC2 POF & TSC

Provides a Control Library in line with the SOC 2 criteria. The SOC 2 POF (Point of Focus) control library has been designed by Protecht as suggested controls to comply with the SOC 2 TSC (Trust Services Criteria) requirements. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in NIST CSF and ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Control Library – APRA 234

Provides a Control Library in line with the APRA CPS 234 prudential standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in ISO 27001, allowing customers to save time determining overlap in their implemented controls.

ISMS Registers and Dashboards

Streamlines data capture and reporting to help organisations manage:

  • Controls, statements of applicability and assurance activities

  • Conducting and overseeing IT risk assessments

  • Asset and application risks and health assessments

  • Cataloguing, reviewing and approving policies, policy exceptions and documents

  • Minimising disruption from incidents

  • Visibility of ISMS actions

  • Capturing of exceptions with the policy and documents register

  • Generating risk reports for risk events and ISMS risk entries of interest

ISMS - Security Calendar

Systematically capture and track important security events such as penetration test due dates, cryptographic key renewals, and audits. The ISMS Security Calendar register and dashboard allow you to:

  • Assign ownership and due dates to key events

  • Report on status of events and their completion

  • Provide a centralised repository of important security events

CISO Dashboard

Presents key information from the ISMS registers providing an overview of:

  • IT controls

  • IT risks and drilldown details

  • IT assets and their status

  • IT policies and policy exceptions

  • Helps the user to report on the IT risk posture of the organisation and inform decisions regarding cybersecurity and ISMS strategy.

Find out more about AI and risk management

Thought leadership and product demonstration webinars

Thought leadership webinar

Governing AI risk: Tools, frameworks and real-world implementation with Protecht.

Thu 28 Aug | Register now

Thought leadership webinar

Governing AI in a new era: Navigating risk, regulation and responsibility.

Watch on demand

Thought leadership webinar

AI risk controls: Is your AI under control or running wild?

Watch on demand

Related industries

Find out how Protecht’s industry expertise can help you meet your risk and controls management requirements across our key industry verticals:

  • Banking

    Manage risk and compliance with a platform configured to empower banks and building societies.

    Learn more

  • Insurance

    Stay on top of regulatory requirements with real-time reporting that gives every user risk ownership.

    Learn more

  • Fintech

    Manage risk and compliance with a platform designed for rapid growth in a rapidly changing environment.

    Learn more

  • Asset management

    Protect investors and meet regulatory obligations with integrated risk management, compliance oversight, and governance tools.

    Learn more

  • Education

    Manage risk with a platform configured to support staff, students and your business needs.

    Learn more

  • Government

    Manage risk and compliance with a platform configured to meet the needs of government entities.

    Learn more

Frequently asked questions about Cognita and AI in governance, risk and compliance (GRC):

Cognita is Protecht’s purpose-built AI explicitly designed for governance, risk, and compliance (GRC). Unlike general-purpose AI models, Cognita delivers answers based on Protecht's trusted risk management thought leadership content, so your users get insight aligned with real-world compliance practices. This helps your teams manage risk with greater confidence and less manual effort. 

Yes. Cognita is designed with guardrails that ensure its outputs are explainable, verifiable, and sourced from trusted content. Furthermore, Cognita aligns with your internal risk and compliance practices. It builds on your existing practices, ensuring AI-driven insights are provided to your users within the context of your organisation's current governance framework and policies.

Cognita functions like an intelligent assistant, guiding users through tasks with clear-language prompts and contextual support. Whether completing a risk assessment, logging an incident, or managing your controls, Cognita helps improve accuracy, boost confidence, and ensure consistent application of your frameworks, even for less experienced users. 

No. Cognita is designed to amplify human expertise, not replace it. It removes repetitive tasks, flags issues early, and provides helpful recommendations — allowing your teams to focus on analysis, strategy, and decision-making. You always stay in control, with complete oversight of Cognita’s suggestions and actions. 
Cognita is embedded within the ERM platform and supports everything tailored to suit your organisation's needs, from structure to naming conventions. Cognita helps your users find, understand and complete tasks faster with more insight, so you have the data your team needs for decisions that impact your circumstances. 
Yes. Protecht ensures that your data is not shared with or used to train third-party AI models. Your data is encrypted, stored in your designated region, and handled according to strict data governance and compliance requirements. 

Cognita enhances risk capture, assessment, and management. It enables users to log incidents more accurately, complete assessments more quickly, and access relevant real-time data and insights. By minimising manual steps and guiding users through best practices, Cognita bolsters risk posture while boosting efficiency across the business units 

Cognita can support your teams by: 

  • Assisting them in locating risk assessment registers and best practices for incident form completion. 
  • Enhancing incident and issue reporting accuracy 
  • Reducing duplication of effort 
  • Providing in-context help and guidance 

These features are designed to improve decision-making and reduce risk exposure immediately. 

We continuously evolve Cognita to bring more automation, insight, and intelligence to your risk and compliance workflows. Potential additions to the Cognita capability set could include:  

Agentic Automation 
Automate tasks and workflows using agent-based AI, especially for vendor risk and business continuity management functions. 

Email & Chat Integration 
AI actions embedded directly into tools like Outlook and Teams, enabling in-the-moment task execution. 

Advanced Insights 
Enhanced analytics and trend detection to offer more actionable insights for better decision-making. 

Regulatory Intelligence 
Transform regulatory and compliance content into clear requirements, obligations, and controls. Also, detect emerging changes and convert them into actionable tasks. 

Contact your Protecht account representative or Customer Success Manager to learn more. You can register interest for updates and explore how Cognita can be implemented to support your current GRC strategy via our upcoming webinars and eBooks.