Built for EU mid-market · Frankfurt-resident

ITAM for EU enterprises. NIS2-ready evidence built in.

Track every device, app, and license — and export auditor-ready NIS2 Article 21 evidence in one click. Built in the EU, for the EU mid-market.

Book a 30-min demo Start free

EU data residency (Frankfurt) · GDPR DSAR built-in · NIS2 Article 21 evidence packs

demo.ontrackio.com/admin

Asset inventory

MacBook Pro 14" Active

ThinkPad X1 Active

Adobe Creative Cloud Underutilised

Dell U2723QE Storage

Microsoft 365 E5 Active

NIS2 Article 21 evidence

Article 21(a) Risk analysis 100%

Article 21(d) Supply chain 100%

Article 21(f) Effectiveness 100%

Article 21(j) MFA 100%

Export PDF for auditor

Built for European mid-market IT and compliance teams

EU data residency

All customer data in AWS eu-central-1 (Frankfurt). No US fallback.

GDPR DPA available

Data-processing agreement on day one. Sub-processor list public.

NIS2 Article 21 + 23

Evidence-pack exports + 24h incident notification workflow.

SOC 2 Type II in progress

Observation window targeted H2 2026. Controls layer in place.

Why OnTrackio

Three reasons the EU mid-market is moving off Lansweeper + ServiceNow.

ITAM that knows about NIS2

Every other ITAM tool stops at inventory. OnTrackio maps your asset state to NIS2 Article 21 sub-controls (a–j) and exports auditor-ready PDFs. Closes the 30% gap ISO 27001 doesn't cover.

EU data, EU rules, EU support

All data in eu-central-1 Frankfurt. No US fallback. GDPR DPA on day one. SCIM and SAML for IdP-led joiner/mover/leaver — same identity flows as Vanta + Drata.

Mid-market price, not enterprise quote

Per-asset pricing from €4/asset/year. No 6-figure ServiceNow commitment. Self-serve trial → annual contract in weeks, not quarters. See pricing publicly — no email gate.

One platform, two jobs done

Inventory the estate. Export the evidence. Without juggling ServiceNow + Excel + Confluence.

Hardware · 1,847 active

MacBook Pro 14" M3 C02ZQ1KMQ6L4 A. Petrauskas Active

ThinkPad X1 Carbon Gen 11 PF3K9R8X J. Schmidt Active

Dell Latitude 7440 CN0K2X3Y — Storage

Microsoft 365 E5 SaaS 47 seats 12 unused

One place for hardware, software, licenses, and contracts.

Endpoint agent reports daily-boolean usage (this license actually used today?) — reclaim seats.
Renewal alerts 60 days ahead; vendor + cost-center rollups for finance.
Built-in DSAR + Article 30 RoPA export — GDPR teams stop maintaining spreadsheets.

Evidence on demand, not on deadline.

NIS2 Article 21 (a–j) sub-controls mapped to actual asset + identity state.
Honest coverage taxonomy: itam_native_evidence / itam_hygiene_floor / itam_proxy / outside_itam_scope. Auditors get the truth, not a checklist theatre.
Article 23 24-hour incident notification workflow — ready for ENISA and national CSIRT mailboxes.

NIS2 Article 21 Evidence Pack · 2026 Q2

Generated for: ACME Bank UAB · 1,847 assets · Frankfurt-resident

21(a) Policies on risk analysis itam_proxy 100%

21(b) Incident handling itam_native_evidence 100%

21(d) Supply chain security itam_native_evidence 100%

21(f) Effectiveness assessment itam_native_evidence 100%

21(j) MFA / SSO itam_native_evidence 100%

We don't sell compliance. We sell evidence.

OnTrackio is not a GRC platform. Vanta, Drata, and AuditBoard are. We do one job: ITAM-derived evidence, honestly labelled.

OnTrackio	Pure GRC (Vanta / Drata / AuditBoard)
ITAM-first; compliance evidence as by-product	Compliance-first; ITAM integration as add-on
NIS2 Article 21 + 23 mapped to ITAM data	SOC 2 / ISO 27001 controls + policy library
€12k/yr (Business tier, 500 assets, NIS2 included)	€25–100k+/yr
Daily-boolean usage telemetry — reclaim license seats	No ITAM usage data — they ingest yours

Need full GRC orchestration? Buy Vanta or Drata alongside OnTrackio. We tell you what we cover and what you still need to source.

Per-asset pricing. No call required.

Three sellable tiers. NIS2 evidence bundled into Business and up. Free tier for evaluation.

Free

For evaluating the platform or running a homelab.

€0

forever, up to 25 assets

Up to 25 hardware + software assets
1 admin user
Endpoint agent (macOS + Windows)
GDPR DSAR + RoPA export
Email-only support

Start free

Starter

For small IT teams that need a real ITAM system of record.

€2,400/yr

100 assets included

€4 per asset/yr above 100

Up to 500 assets (overage at €4/asset/yr)
Unlimited admin + IT users
Google SSO + Microsoft Entra SSO
Hardware + software + licenses + contracts
Renewal alerts 60 days ahead

Start free trial

Business

The primary mid-market tier. NIS2 Article 21 + 23 evidence packs included.

€12,000/yr

500 assets included · NIS2 bundled

€3.50 per asset/yr above 500

Up to 2,500 assets (overage at €3.50/asset/yr)
NIS2 Article 21 (a–j) sub-control mapping
NIS2 Article 23 incident notification workflow
SAML 2.0 + TOTP + WebAuthn passkeys
Activity log + audit export (CSV/JSON)
Priority email + chat support

Book a demo

Enterprise

For 1,500+ asset estates with multi-framework compliance scope.

From €36,000/yr

Custom pricing · NIS2 + DORA + AI Act bundled

Unlimited assets, custom pricing on overage
NIS2 + DORA + AI Act evidence packs
SCIM 2.0 provisioning (Okta + Entra)
Per-tenant IP allowlist + per-token CIDR
Custom SLA + dedicated support contact
Annual security review with auditor liaison

Talk to sales

See full pricing details →

Book a 30-minute demo

We'll show you the demo tenant, walk the NIS2 evidence pack, and answer your hardest compliance question.

Loading calendar…

JavaScript is required to embed the calendar. Open scheduling in a new tab .

Prefer email? Send a message →

Working with a Big 4 EU compliance practice?

OnTrackio fits the NIS2 / DORA / AI Act gap-closure narrative that Deloitte, KPMG, PwC, and EY are already advising on. Partner with us to ship faster.

Partner with us →

See how OnTrackio closes your NIS2 gap in 30 minutes.

Book a discovery call. We'll show you the demo tenant, walk the NIS2 evidence pack, and answer your hardest compliance question.

Book a demo Start free trial