From Beta to Live: What Professionals Taught Us About IX Assess and IX CISO
In mid-February 2026, we opened IX Assess and IX CISO to a closed beta — an invitation to compliance managers, IT security officers, consultants, and auditors to challenge our AI, break things, and tell us what was missing.
47 professionals took us up on that offer. They didn't hold back.
What the Community Told Us
The feedback fell into clear patterns. Compliance managers wanted the assessment to be more specific — not just "you have gaps in access control," but exactly which controls to prioritize first. Consultants told us the chat was good at explaining clauses but needed better context awareness when switching between Annex A controls and risk-related questions. Auditors — predictably — pushed hardest on accuracy. They wanted to know: can this thing actually hold up under real audit pressure?
We listened. Here's what changed.
What We Built Based on Your Feedback
Email transcripts. Multiple testers told us: "The answers are good, but I lose them when I close the tab." Now every IX CISO conversation can be delivered straight to your inbox as a formatted transcript. Your research stays yours.
IX Assess — the full readiness check. Early testers said the initial assessment felt like a starting point, not a destination. They wanted something they could hand to management on Monday morning. The version going live today at /how-ready-are-you/ is a structured walkthrough that maps your current security posture against ISO 27001 requirements and tells you exactly where you stand. Not a quiz — a genuine gap analysis you can act on.
Full chat transcripts by email. Testers kept saying the same thing: "I had a great conversation, but now I can't find it." Closing the tab meant losing everything. Now, after every IX CISO session, you can have the complete conversation delivered to your inbox — fully formatted, ready to share with your team or attach to your project documentation.
A professionals-only entry point. Auditors and consultants told us they wanted a space that spoke their language — without the introductory explanations that slow them down when they already know the standard. For Professionals is that space.
The Test That Mattered Most
Community feedback is invaluable. But one test carried more weight than all the others combined.
A leading European certification body agreed to put IX CISO through a structured evaluation. Their process was straightforward and rigorous: 85 audit-level ISO 27001 questions — the same questions their own auditors and consultants would use in real certification engagements. They ran every question through IX CISO and compared the answers against what their internal team would deliver.
The results:
Accuracy. IX CISO matched or exceeded consultant-quality answers on 78 of 85 questions. The seven remaining questions involved ambiguous clause interpretation and sector-specific regulatory overlap — exactly the kind of nuanced, judgment-heavy scenarios where experienced auditors earn their reputation.
Depth. The CB specifically highlighted IX CISO's ability to cross-reference between Annex A controls and risk management clauses — something that typically requires senior-level audit experience to do well.
Speed. This is where the gap became impossible to ignore. Their consultants estimated the full 85-question set would take a single auditor between 20 and 30 working hours to answer at the same level of quality. IX CISO completed the entire set in under 20 minutes.
What We're Building Next
The CB evaluation confirmed what we already knew: IX CISO is a force multiplier, not a replacement. We're building confidence scoring on every response so professionals can see at a glance which answers to trust and which to review. And we're expanding beyond ISO 27001: IX CISO and IX Assess for CMMC and TISAX are coming next — the same AI-driven approach, applied to the Cybersecurity Maturity Model Certification and the automotive industry's information security standard.
Try It Yourself
IX Assess is live now. See where your organization stands on ISO 27001 readiness — it takes a few minutes, and you'll walk away with a clear picture of your gaps and priorities.
Take the IX Assess readiness check →
Or, if you already know what you need, skip the assessment and go straight to a conversation with IX CISO.
Thanks to every beta tester who pushed us to make this better. You know who you are.
