AAudhive
Hallo.
Hello.
Bonjour.
Ciao.
Hola.

Compliance Management für Ihr Team.
Compliance management for your team.

Sprache wählen  ·  Choose your language

Compliance Management Platform

Audit with
complete confidence.

Audhive unifies your security controls, audit evidence, and compliance reporting in one platform — designed for teams that operate at enterprise scale.

Audhive · Security Audit Dashboard
Overview Controls Documents Reports
Compliance Score
87%
ISO 27001 · Tenant A
Open Findings
4
2 critical · 2 minor
Security Controls 32 total
A.9 — Access Control PolicyCompliant
A.12 — Operations SecurityCompliant
A.14 — System AcquisitionReview
A.18 — Compliance ChecksPending
AI Review ready · 3 controls need evidence update Run Review

ISO 27001 Ready

Control frameworks aligned to international security standards out of the box.

Full Audit Trail

Every action logged. Immutable history for complete accountability.

Multi-Tenant

Manage multiple business units or clients from a single installation.

100% On-Premise

Deploy within your own infrastructure. No data leaves your environment.

0
ISO 27001 controls pre-mapped
100%
Data stays on your infrastructure
0
External runtime dependencies
Platform Features

Everything your compliance
team needs, in one place

From control mapping to executive reporting — Audhive covers the full compliance lifecycle in a single, connected platform.

Feature Spotlight

Auditor and control owner.
One thread per control.

No more email threads, no lost context. Auditors request evidence and leave remarks directly on a control. Control owners respond in the same thread — everything stays attached to the audit record.

  • Per-control conversation thread — always attached to the evidence record
  • Auditors can request clarifications, accept or reject evidence inline
  • Full message history preserved in the audit trail
A.9 — Access Control Policy Compliant ✓
Please provide evidence for the privileged access review, Q3 2026.
Laura K. · Auditor  · 10:32
access_review_q3.pdf
M. Schneider · Control Owner  · 10:45
Reviewed. Evidence accepted — control marked Compliant.
Laura K. · Auditor  · 10:47
Type a message…
Send
Datasets & Services

Ready from day one —
built for your requirements

Pre-built Control Datasets

Audhive ships with production-ready control datasets for the most relevant frameworks — no manual setup required. Every control is fully editable to match your organization's specific interpretation and requirements.

  • ISO 27001 / 27002Complete control framework, ready to use
  • IKTSwiss IKT Minimal Standard (BACS)
  • All controls remain fully editable to fit your organization's needs
  • Dataset updates available as a paid subscription — stay current as standards evolve

Professional Services

We're with you beyond the software. Whether it's getting your team up and running or building confidence in the platform — we offer hands-on support by arrangement.

  • InstallationExpert setup and configuration support for your on-premise deployment
  • TrainingOn-site or remote training sessions for your audit and compliance team
  • All services by arrangement — contact us to discuss your needs
AI Review

Intelligent analysis.
Human decision.

Audhive's built-in AI review engine analyzes your control implementations, identifies gaps in evidence, and surfaces findings in structured, auditor-ready language — without sending a single byte to an external cloud.

  • Supports Anthropic Claude and OpenAI GPT models
  • Configurable prompt composition per control type
  • Evidence files (PDF, DOCX, images) analyzed inline
  • Results stay on your infrastructure — always
  • Adjustable summary depth: 3 to 10 sentences
Audhive AI Review
A.9 — Access Control Policy · Tenant A
⚠ Compliance Gap

Evidence for privileged access review is present but does not cover the Q2 period. The policy references a quarterly review cycle; no log export is attached for April–June.

✓ Sufficient Evidence

The access control policy document (v2.3) is current, approved, and aligned with ISO 27001 A.9.1.1. No corrective action required for this dimension.

Built for Every Scale

From startup to enterprise.
One platform, full flexibility.

Whether you're running a single compliance project or managing audit programmes for dozens of clients — Audhive adapts to your structure without compromise.

SME

Audit-ready without an IT department.

Designed for lean teams that need professional compliance tooling without enterprise overhead. Up and running in less than a day.

  • Native auth with TOTP and Passkeys — no identity infrastructure needed
  • ISO 27001 control framework pre-mapped out of the box
  • Simple per-user licensing, no minimum seat count
  • Built-in backup — no DevOps or external tooling required
Enterprise

Scale across business units and subsidiaries.

Multi-tenant architecture with Azure Entra ID SSO and granular role-based access — built for organisations managing compliance at scale.

  • Unlimited tenants, fully isolated per business unit or subsidiary
  • Azure Entra ID SSO — single sign-on across the entire organisation
  • Immutable audit log and executive board-level reporting
  • Custom control frameworks, dimensions, and scoring models
Managed Service

Run Audhive for your clients.

One installation, one admin panel — deliver separate, fully isolated audit environments to each of your clients from a single platform.

  • Each client gets a fully isolated tenant — data never crosses boundaries
  • Per-client reporting, evidence management, and control tracking
  • Single admin interface to manage all client environments
  • Flexible licensing — scale as your client base grows
Modules & Pricing

Choose your module.
Transparent licensing.

Audhive is licensed per tenant, with 3 user seats included per tenant. Additional user licenses are available as a shared pool — not tied to any specific tenant.

SEC
Security Audit
For IT security teams managing technical controls and recurring audits.
License Model
Per tenant · 3 users included
+Additional user licenses available
  • Security control framework
  • ISO 27001 mapping
  • Evidence collection & review
  • Audit scoring & reporting
  • PDF report export
  • AI-powered review
  • Multi-tenant support
Request Pricing
Additional user licenses available
Most Popular
FULL
Complete Suite
The full Audhive experience. SEC + ICS with custom frameworks and priority support.
License Model
Per tenant · 3 users included
+Additional user licenses available
  • Everything in SEC + ICS
  • Custom control frameworks
  • Executive board dashboards
  • Advanced AI review
  • Questionnaire module
  • Full report builder
  • Changelog & audit trail
  • Priority support
Request Pricing
Additional user licenses available
ICS
Internal Controls
For internal audit teams focused on process controls and operational compliance.
License Model
Per tenant · 3 users included
+Additional user licenses available
  • Internal control assessments
  • Risk-based questionnaires
  • Compliance scoring model
  • Policy & procedure library
  • Control effectiveness tracking
  • Audit trail & changelog
  • Multi-tenant support
Request Pricing
Additional user licenses available
How user licensing works
Each licensed tenant includes 3 user seats. If you need more, additional user licenses are available as a shared pool — not tied to any specific tenant. A 5-tenant license with 10 extra licenses gives you up to 25 seats total.
Enterprise Ready

Built for organizations where security is non-negotiable

Audhive is designed to meet the demands of teams where data sovereignty, auditability, and access control are requirements — not options.

🔒

On-Premise Deployment

Run Audhive entirely within your own infrastructure. No data leaves your environment — ever. Full control over your hosting stack.

🏢

Azure AD SSO

Native Microsoft Entra ID integration. Single sign-on for your entire organization, with no additional identity infrastructure required.

🛡

Role-Based Access

Granular permissions down to individual modules. Tenant admins, global admins, read-only auditors — fully configurable per installation.

📋

Immutable Audit Log

Every action, every change, every login is recorded. Full activity log with export for compliance reporting and forensic review.

Infrastructure Requirements

Runs on your infrastructure — exactly as you need it

Audhive is designed for on-premise deployment. These are the standard infrastructure requirements for a production installation.

🐘

PHP

The application is built on PHP. No framework dependencies — a clean PHP installation is sufficient.

8.1+Required — PHP 8.2 or 8.3 recommended
Extensions: pdo_mysql, zip, gd, mbstring, openssl
🗄

MySQL / MariaDB

All audit data, controls, evidence metadata, and user records are stored in a relational database.

MySQL 8.0+or MariaDB 10.6+
Separate database per installation recommended
🌐

Web Server

Audhive runs behind any standard PHP-capable web server with HTTPS support.

Apache 2.4+with mod_rewrite enabled
nginx + php-fpm also supported
📁

File Storage

Evidence files (PDFs, DOCX, images) are stored on-disk within the application directory. No object storage required.

Local filesystemNFS mounts supported
Storage scales with your evidence volume
🔑

Authentication

Audhive supports Microsoft Entra ID (Azure AD) SSO and a built-in native auth with TOTP multi-factor authentication.

Azure AD SSOor native auth with TOTP
Azure App Registration required for SSO
🔗

Network

Outbound internet access is required only for AI review calls and Azure SSO. The application itself is fully self-contained.

Outbound HTTPSfor AI provider + Azure
AI feature optional — works offline without it
Technology Stack

Built on proven,
battle-tested technology

Audhive is built with a deliberately lean stack — no complex runtime dependencies, no proprietary services. A standard LAMP environment is all you need to run a production deployment.

  • PHP 8.x backend — no framework, minimal attack surface
  • MySQL / MariaDB for all structured data
  • Vanilla JS frontend — no build step, no bundler required
  • RSA-signed update packages with schema migration support
  • Azure AD OAuth2 + native TOTP auth with passkey support
  • AI calls via your own API key — Claude or GPT
stack.yml
# Audhive production stack

runtime:
language: PHP 8.2+
server: Apache 2.4 / nginx
database: MySQL 8.0 / MariaDB 10.6

frontend:
framework: Vanilla JS # no build step
css: plain CSS
charts: Chart.js 4

auth:
sso: Microsoft Entra ID
native: TOTP MFA + Passkeys

ai:
providers: Claude · GPT # BYOK
local_data: true # nothing leaves

updates:
format: ZIP + RSA-SHA256 sig
migrations: idempotent SQL

Ready to take control of your compliance?

Schedule a product demo or discuss licensing options for your organization. We respond within one business day.