Solution overview | This is incl. in your solution

GDPR & Privacy

RISMA’s GDPR solution supports both controllers’ and processors’ responsibilities – across multiple language and country versions (EN, DK, SE, NO, FI, DE).

Compliance	Article 30 documentation and reporting LIA, TIA and DPIA assessments Mapping and visualizing data flows
Policies	Policy management and awareness campaigns Ready-to-use templates (e.g. privacy and cookie policies) Predefined procedures (e.g. consent withdrawal) Templates for data processor agreements
Governance	Recommended safeguards Task delegation and automated reminder Register data processors, controllers and systems
Incident management	Manage data breaches and security incidents Custom workflows for reporting, handling and follow-up
Risk management	Privacy risk register and evaluation Custom workflows for mitigation Processor audits and risk reviews
Data processor management	Conduct data processor management audits and risk assessments Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards (e.g. DPO) and annual overviews

CSRD

RISMA’s CSRD solution helps meet reporting requirements with a structured approach – across multiple language and country versions (EN, DK, SE).

Compliance	Gap analysis across all ESRS Yearly ESG report export Audit overview of material and non-material data points
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for non-financial reporting Task delegation and automated reminders Stakeholder management
Incident management	Due diligence documentation Custom workflows for reporting, handling and follow-up
Stakeholder management	Classification of assets and activities
Risk management	Double materiality and IRO assessments Custom workflows for mitigation
Dashboards & reporting	Progress overview on CSRD compliance Management report on disclosures Sustainability report draft management

NIS2

RISMA’s NIS2 solution supports structured compliance checks and documentation – available in multiple language versions (EN, DK, SE).

Compliance	Full ISMS module (add-on) Overview of NIS2 critical assets Mapping to ISO 27001/02 and CIS18 frameworks Sector-specific setups and localisations (add-on)
Policies	Policy management and awareness campaigns Ready-to-use templates (e.g. information security, vendor and access management)
Governance	Recommended safeguards Annual wheel for NIS2 activities Task delegation and automated reminders
Incident management	Custom workflows for incident processes Assessment and documentation of significant incidents
Risk management	Risk register and assessments Threat catalogue Custom workflows for risk handling
Vendor management	Asset management (e.g. risk assessment and supplier audits) Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

DORA

RISMA’s DORA solution supports digital operational resilience management – available in multiple language versions (EN, DK, SE, NO).

Compliance	Maturity assessment and gap analysis across all DORA articles Overview of critical or important functions Compliance documentation for ICT arrangements Mapping to ISO 27001/02 and CIS18 frameworks Register of Information with ESA format and validation checks (Can also be a standalone product)
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for DORA compliance Task delegation and automated reminders
Incident management	Custom workflows for incident handling and processes Assessment of major incidents Reporting of incidents in line with DORA requirement
Risk management	ICT risk management Procedure template for risk assessment Custom workflows for mitigation Asset management incl. risk assessments and supplier audits Third-party risk management
Contract management	Contract AI Partner feature Customisable and exportable reports Dashboards and annual overviews ROI reporting (Excel, CSV, XML) Classification of assets and activities
Dashboards & reporting	Progress overview on DORA compliance Management report on disclosures

AI Act

With RISMA’s AI Act solution, you can manage, classify, and document your AI systems – available in Danish (DK) and English (EN).

Policies	Policy management and awareness campaigns
Vendor management	AI register for overview and compliance documentation of high-risk AI systems Questionnaire with scoring to determine AI usage and risk classification
Governance	Controls catalogue Annual wheel for AI Act activities Task delegation and automated reminders
Risk management	Risk management Threat catalogue Custom risk workflow Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

NSIS

RISMA’s NSIS solution ensures NSIS compliance by establishing a complete overview, identifying risks, and implementing action plans - available in Danish (DK).

Compliance	National Standard for Identiteters Sikringsniveauer (NSIS) Automated gap analysis with recommended activities
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for NSIS activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

Norwegian Transparency Act

RISMA’s solution for the Norwegian Transparency Act supports getting control of supplier data and documentation and provides a structured approach to the due diligence process - available in multiple language versions (NO and EN).

Compliance	Norwegian Transparency Act / Åpenhetsloven Automated gap analysis with recommended activities
Policies	Policy management and awareness campaigns
Governance	Actions and controls catalogues Annual wheel for activities Task delegation and automated reminders
Incident management	Custom workflows for incident processes Assessment and documentation of significant incidents Incident questionnaires
Risk management	Risk management Threat catalogue Custom risk workflow Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

Anti-Money Laundering (AML)

Use RISMA’s AML solution to protect your business with a structured approach to anti-money laundering efforts and the KYC process - available in multiple language versions (Norwegian AML in NO and EN, Danish AML in DK).

Compliance	Anti-money laundering Automated gap analysis with recommended activities KYC procedure
Policies	Policy management and awareness campaigns
Governance	Controls catalogue Annual wheel for AML activities Task delegation and automated reminders
Incident management	Custom workflows for incident processes Assessment and documentation of significant incidents Incident questionnaires
Risk management	Risk management Threat catalogue Custom risk workflow Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

CIS18

RISMA’s CIS18 solution supports implementation and documentation of CIS Controls version 8.1 – currently available in English (EN).

Compliance	Selectable implementation group per control area Automated gap analysis with recommended activities Mapping to ISO 27001/02 and NIS2 framework
Policies	Policy management and awareness campaigns Ready-to-use templates (e.g. Software asset management policy and Data management policy)
Governance	Recommended safeguards Annual wheel for CIS18 activities Task delegation and automated reminders
Incident management	Custom workflows for incident processes Assessment and documentation of significant incidents
Risk management	Risk register and assessments Threat catalogue Custom workflows for risk handling
Vendor management	Asset management (e.g. risk assessment and supplier audits) Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

VSME

RISMA’s VSME solution enables SME sustainability reporting and is available in English (EN).

Compliance	Gap analysis across the Basic and Comprehensive levels of the VSME standard Report templates for each data point Yearly ESG report export
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for non-financial reporting Task delegation and automated reminders
Dashboards & reporting	Progress overview on VSME compliance Management report on disclosures Sustainability report draft management

ISAE 3000

RISMA’s ISAE 3000 solution provides data processors with full visibility into their GDPR initiatives and is available in both Danish (DK) and English (EN).

Compliance	ISAE 3000 data processor with 11 control areas Audit readiness for Type 1 and Type 2 Automated gap analysis with recommended activities Mapping to ISO 27001/02 and NIS2 framework
Policies	Policy management and awareness campaigns Ready-to-use templates for all control areas
Governance	Recommended safeguards Annual wheel for ISAE 3000 activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews Documentation for your ISAE 3000 declaration

ISAE 3402

RISMA’s ISAE 3402 solution centralizes your work and provides a clear overview of the requirements, helping you get ready for the audit - available in Danish (DK) and English (EN).

Compliance	Gap analysis of ISAE 3402 control areas Automated gap analysis with recommended activities Mapping to ISO 27001/02 and ISAE 3000 framework
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for ISAE 3402 activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews Documentation for your ISAE 3402 declaration

ISMS & ISO 27001

RISMA’s ISMS solution supports structured implementation of ISO 27001 and 27002 – available in multiple language versions (EN, DK, SE, NO).

Compliance	Overview of progress across control areas Automated gap analysis with recommended actions SoA (Statement of Applicability) reporting Mapping to NIS2, CIS18 and other frameworks
Policies	Policy management and awareness campaigns Ready-to-use templates (e.g. information security, vendor and access management)
Governance	Recommended safeguards Annual wheel for ISMS activities Task delegation and automated reminders
Incident management	Custom workflows for incident processes Assessment and documentation of significant incidents
Risk management	Risk register and assessments Threat catalogue Custom workflows for risk handling
Vendor management	Asset management (e.g. risk assessment and supplier audits) Classification of assets and activities
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

ISO 9001

RISMA’s ISO 9001 solution focuses on enhancing and maintaining quality processes, laying a solid foundation for effective quality management – available in English (EN).

Compliance	Following ISO 9001:2015 Automated gap analysis with recommended activities
Policies	Policy management and awareness campaigns
Governance	Recommended safeguards Annual wheel for ISO 9001 activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

ISO 14001

RISMA’s ISO 14001 solution helps you identify, manage, and reduce your environmental impact – available in Danish (DK) and English (EN).

Compliance	Following ISO 14001:2015 Automated gap analysis with recommended activities
Policies	Policy management and awareness campaigns
Governance	Actions and controls catalogues Annual wheel for ISO 14001 activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

ISO 45001

With RISMA’s ISO 14001, you can effectively manage health and safety data and identify strengths and weaknesses in your efforts – available in Danish (DK) and English (EN).

Compliance	Following ISO 45001:2018 Automated gap analysis with recommended activities
Policies	Policy management and awareness campaigns
Governance	Actions and controls catalogues Annual wheel for ISO 45001 activities Task delegation and automated reminders
Dashboards & reporting	Customisable and exportable reports Dashboards and annual overviews

Contract Management

RISMA’s Contract Management solution supports structured control and documentation throughout the contract lifecycle – available in your platform language.

Contract management

AI-based contract data extraction
Task delegation and automated reminders
Overview of contract parties
Supplier audits and due diligence assessment

Dashboards & reporting

Customisable and exportable risk reports
Dashboard with annual risk overviews

Policy Management

RISMA’s Policy Management solution supports structured control and documentation throughout the policy lifecycle – available in your platform language.

Policies

Policy management and awareness campaigns
Governance reviews
Delegate tasks and keep track of responsibilities

Governance

Create policy-related safeguards
Annual wheel for policy management activities
Task delegation and automated reminders

Dashboards & Reporting

Customisable and exportable policy reports
Dashboard with annual policy overviews

Risk Management

RISMA’s Risk Management solution supports structured control and documentation throughout the risk lifecycle – available in your platform language.

Policies	Policy management and awareness campaigns
Governance	Create risk-related safeguards Annual wheel for risk management activities Task delegation and automated reminders
Incident management	Incident management Custom incident workflows Classification of assets Incident questionnaires
Risk management	Risk management Threat catalogue Custom risk workflows Dalegate tasks and keep track of responsibilities Classification of assets and activities Risk questionnaires
Dashboards & reporting	Customisable and exportable policy reports Dashboard with annual policy overviews

Incident Management

RISMA’s Incident Management solution supports structured control and documentation throughout the incident lifecycle – available in your platform language.