Build or upgrade your ISMS on our platform

Manage risks and make sound decisions with simple, effective tools

Take your information security beyond the ineffective spreadsheet or costly stand-alone applications to facilitate simple, consistent and effective risk working.

Manage information security risks with a Confidentiality, Integrity and Availability approach aligned with ISO 27001:2013, and also meeting the requirements of EU GDPR. Benefit from similar tools to manage applicable legislation and interested parties. All three tools come with proven, ISO 27001:2013 accredited methodologies and policies to adopt ‘straight-out-of-the-box’, plus content ‘banks’ to Adopt, Adapt or Add to, for significant time-savings.

Treat risks and show it

Easily evidence treatment of each risk where required, linking to relevant policies & controls to keep the ISMS joined-up. If you’ve drawn down from our risk bank, we’ve even created those links to controls for you and a simple mouse click from your control will dynamically update your Statement of Applicability.

See your history and movement of risk over time to demonstrate the results of your treatment are working.

Save loads of time and hassle by working in one place with This means you can avoid inefficiency, cost and risk from buying multiple tools or trying to build your own solution when offers what you need for success at a price you can afford.

A screenshot from the platform showing the risk management features, including the risk map, a graph and linked work options

Add risks, analyse & evaluate impact

Follow our ISO 27001:2013 accredited methodology for managing risk, simply adopting the policy we have written to accompany the tool.

It’s easy to add risks from scratch or drawing down from our risk bank.

Use our powerful linking feature to link risks to assets too, giving an end-to-end view of how your ISMS ‘joins-up’.

We make it simple to analyse & evaluate each one for its impact on confidentiality, integrity and availability. Perfect for demonstrating GDPR compliance too!

Assign risk owners for accountability and work as a team in one secure place in the cloud.

View updates quickly and set review dates with reminders to land in your email inbox, meaning you never forget an important risk.

list in the isms evaluating risks
See how simple it is with

Support decision making and investment activity

In, Risk, Applicable Legislation and Interested Parties data are all highly visible, in attractive and easy to read formats.

Information is exportable too if desired, although like most of our customers you may prefer to work online dynamically.

It’s in one secure online environment, always on to support fast, effective decision making and investment.

risk map detailing potential or actual risks and colour coded for monitoring frequency

Manage Interested Parties

The Interested Parties element of is a requirement in 4.2 of the ISO 27001:2013 standard. We’ve made complying with that really easy for you, with a stakeholder management tool, as well as including the policy methodology for you to adopt. You’ll also get examples from a document bank, to draw down and evaluate as required. allows you to plot ‘power’ and ‘interest’ levels for Interested Parties, so you can quickly decide where best to invest your resources and what might just be noise.

Set reminder dates to ensure you review your Interested Parties for any changes that might impact your ISMS.

Now find out how linking risks to the controls needed for their management will save weeks of work in updating your Statement of Applicability using

stakeholder map of how powerful and how interested they are