The Lightweight
Open Compliance Standard

Mount. Monitor. Manage. Security, AI Act and GDPR compliance for the modern SME.

Download Standard (PDF) Looking for M3 Implementation?

The M3 Concept

Mount

Establish your security baseline. Install ready for use policies and tools, and set up your initial compliance posture with zero friction.

Monitor

Continuous observability. Track adherence to AI Act and GDPR requirements in real-time with automated tools and regular audits.

Manage

Governance and evolution. Respond to incidents, update policies as regulations change, and maintain control over your digital assets.

Questions & Answers

Is M3 a replacement for ISO 27001?

No. M3 Framework is a lightweight "stepping stone" designed for SMEs that are not yet ready for the heavy operational burden of ISO 27001 or ISO 42001. It helps you get compliant with essential regulations like GDPR and the EU AI Act effectively.

Is it free to use?

Yes, for internal use. Companies can implement M3 Framework internally at no cost. However, commercial use such as consulting, certification, or selling M3-based services requires a license. See our License page for details.

The LightweightOpen Compliance Standard