Features

Everything to categorize, document, and assess

Catégo covers your entire information security and privacy compliance journey — from asset inventory all the way to presentation-ready exports.

Pillar 1

Information asset categorization (DICT)

Assess each asset across the four dimensions of the DICT model — Availability, Integrity, Confidentiality, and Traceability — to set a sensitivity level and prioritize the appropriate protection measures.

  • Step-by-step guided categorization record for each asset
  • DICT levels with documented justifications
  • Owner and steward clearly assigned
  • Prioritization of the most sensitive assets
DICT categorization record in Catégo

Foundation

A complete, connected inventory

Categorization and the register both build on a structured inventory. Record and connect everything that matters to your compliance.

Information assets
Systems
Vendors
Locations
Owners
Personal information
Inventory of assets and systems in Catégo

Pillar 2

Records of processing (RoPA)

Document each personal information processing activity and keep your register up to date, ready to present to the Commission d'accès à l'information or another authority.

  • Purposes, data categories, and recipients
  • Security measures and retention periods
  • Cross-border transfers and their associated mechanisms
  • Confidentiality incident log
Records of processing in Catégo

Pillar 3

Impact assessments (PIA/EFVP)

Produce your privacy impact assessments faster, with a structured draft generated by the AI and validated by an authorized person.

  • Automatic detection of PIA triggers
  • Draft written from your data
  • Versioning and review tracking
  • Scheduled reassessment date
PIA impact assessment in Catégo

AI assistant

The AI does the first draft, you approve

The assistant speeds up every step without ever deciding for you.

Natural-language intake

Describe an activity or asset in plain language; the AI extracts a structured record that you complete.

Justified DICT suggestions

The AI proposes a level for each DICT dimension and drafts the justification, which you adjust as needed.

Personal information detection

Data likely to be personal information is flagged so nothing is missed in the register.

PIA generation

A draft impact assessment is produced from your existing data, clearly labelled "AI-generated".

You keep control and traceability: every AI-generated item is reviewed and approved by an authorized person before it is kept.

Demo

See Catégo in action

Watch how to document your privacy compliance — AI-assisted.

Presentation-ready PDF exports

Generate your records of processing and your impact assessments as PDFs, formatted to hand to management, a client, or a supervisory authority.

  • Records of processing as PDF
  • PIA as PDF, structured by section

Multi-regime, extensible

Catégo starts with Law 25, then the GDPR. The data model is multi-regime from day one: the specifics of each framework are added as extensions, without a rebuild.

Law 25 · available GDPR · available PIPEDA · supported

Try Catégo today

First month free, no credit card required.