Safer, smarter information security.
Off-the-shelf control libraries, registers and analytics that give you visibility of your IT control framework and its effectiveness, allowing you to better protect your organisation.
Implement IT controls frameworks consistently
Build trust with customers by establishing a systematic approach to IT control standards and frameworks:
-
Centralise libraries and registers for IT risk, controls, activities and policies
-
Follow a consistent approach to documenting which controls apply (e.g. Statement of Applicability)
-
Demonstrate compliance with controls through controls assurance
Provide visibility to information security risk owners
Help risk owners in the business know what they need to do and how they can achieve it:
-
Optimise workflow so risk owners take action at the right time, with calendars for testing and reviews
-
Provide risk owners with the visibility required to adequately monitor their components
-
Break down the silos between information security risk management, resilience management and enterprise risk management
-
Centralise libraries to easily assess the the risk and health of your assets.
Streamline reporting to boards, executives and regulators
Provide appropriate insights to boards, executives, regulators and other stakeholders overseeing information security risk management:
-
Easily report on the IT risk posture of your organisation.
-
Provide the right info for board and executives in one place in a simple, easy-to-understand format
-
Gain a clear understanding of your organisation’s current IT controls framework and its effectiveness
-
Create consistency in management with centralised libraries of risks and controls
Demonstrate compliance with standards
Streamline the demonstration of IT standards compliance to achieve certification and give comfort that you are protecting yourself and customers from security risks:
-
Manage compliance with multiple ISMS control frameworks (including ISO27001, NIST, SOC2 and CPS234)
-
Map your master control framework to track compliance with other frameworks
-
Link enterprise risk controls to IT controls
-
Manage ongoing assurance in relation to your business-critical resources
-
Quickly install Protecht’s off-the-shelf frameworks and map links between requirements using Marketplace, or easily import your own framework via CSV
Information security brochure.
Safer, smarter information security, allowing you to better protect your organisation.
IT risk management eBook.
What IT risk is, why it matters, why it’s different from cyber risk, and why it’s not just a concern for the IT department.
Cyber risk management eBook.
How boards, executives and managers can meet their responsibilities to address growing and changing cyber threats.
Buyer’s guide.
What an ERM solution is, why you need one, and how to make the right choice.
Protecht ERM: Safer, smarter risk management across the information security lifecycle.
Structured data
Centralised libraries and structured registers ensure efficient organisation across all IT risk management.
- Assets and asset risk ratings
- Compliance with multiple IT risk controls frameworks, controls assurance and statements of applicability
- IT security incidents and policies
- Your calendar of security activities, such as penetration testing
- Threat events
Action-oriented insights
Real-time views of interconnected granular and holistic data.
- IT assets with risk ratings
- Key IT risk controls, control effectiveness, control responsibility
- Overdue tasks in IT risk and control assessment and actioning
User experience
User-centric dashboards and workflows for intuitive follow-up and maximum productivity.
- Dashboards customised without any need for coding
- Digital workflows with automated alerts and reminders
- Scheduler to automate report generation and distribution
- All tasks within one view
Risk visualisation and reports
Powerful visualisations and reports, making it easy to collaborate and communicate with all stakeholders from IT risk managers to senior management.
- Custom reports generated at the click of a button
- Risk bow tie tool to analyse root causes of IT risk events
- Dynamic, real-time risk profiles that visualise key information such as a risk’s related incidents, controls assurance, KRIs, attestations, issues and actions
Regulatory obligations content and alerts
Know your Cybersecurity regulatory obligations through integration with LexisNexis.
- Guidance drawn from Australia, New Zealand, the European Union, United Kingdom and the United States modules
- Plain English advice on current legislative framework
- Alerts to upcoming changes
Preconfigured content – for a turnkey launch
Optimise your risk management at the click of a button. Set up and maintain your ERM system with Marketplace: preconfigured registers, dashboards and reports.
Popular register packages for IT risk management
ISMS Control Library – ISO 27001
Provides a Control Library in line with the ISO/IEC 27001:2022 standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria, NIST CSF and APRA CPS234, allowing customers to save time determining overlap in their implemented controls.
ISMS Control Library – NIST CSF v1.1
Provides a Control Library in line with the NIST CSF control framework. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in SOC 2 Trust Services Criteria and ISO 27001, allowing customers to save time determining overlap in their implemented controls.
ISMS Control Library – NIST CSF v2
This package provides a NIST CSF 2.0 Control Library in line with the NIST CSF v2 control framework released in Feb 2024. These controls can be downloaded into the central library and tailored specifically to your organisation. Protecht has also provided a mapping to other common ISMS industry standards/frameworks like SOC 2 Trust Services Criteria and ISO 27001.
ISMS Control Library – SOC2 POF & TSC
Provides a Control Library in line with the SOC 2 criteria. The SOC 2 POF (Point of Focus) control library has been designed by Protecht as suggested controls to comply with the SOC 2 TSC (Trust Services Criteria) requirements. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in NIST CSF and ISO 27001, allowing customers to save time determining overlap in their implemented controls.
ISMS Control Library – APRA 234
Provides a Control Library in line with the APRA CPS 234 prudential standard. These controls can be downloaded into the central library and tailored specifically to your organisation. The controls are also mapped to controls in ISO 27001, allowing customers to save time determining overlap in their implemented controls.
ISMS Registers and Dashboards
Streamlines data capture and reporting to help organisations manage:
-
Controls, statements of applicability and assurance activities
-
Conducting and overseeing IT risk assessments
-
Asset and application risks and health assessments
-
Cataloguing, reviewing and approving policies, policy exceptions and documents
-
Minimising disruption from incidents
-
Visibility of ISMS actions
-
Capturing of exceptions with the policy and documents register
-
Generating risk reports for risk events and ISMS risk entries of interest
ISMS - Security Calendar
Systematically capture and track important security events such as penetration test due dates, cryptographic key renewals, and audits. The ISMS Security Calendar register and dashboard allow you to:
-
Assign ownership and due dates to key events
-
Report on status of events and their completion
-
Provide a centralised repository of important security events
CISO Dashboard
Presents key information from the ISMS registers providing an overview of:
-
IT controls
-
IT risks and drilldown details
-
IT assets and their status
-
IT policies and policy exceptions
-
Helps the user to report on the IT risk posture of the organisation and inform decisions regarding cybersecurity and ISMS strategy.
Case study
How WorldRemit manages risk across 130 countries.
Find out more about cyber and IT risk management.
Thought leadership and product demonstration webinars
Thought leadership webinar
Cyber risk: Get on top of your controls and frameworks.
Product demonstration webinar
Streamline your IT controls: Simplify cyber compliance with Protecht ERM.
Thought leadership webinar
Speaking the same language: Bringing IT and cyber risk to your enterprise view.
News and commentary
Related industries
Find out how Protecht’s industry expertise can help your IT risk management teams meet their business requirements across our key industry verticals:
-
Banking
Manage risk and compliance with a platform configured to empower banks and credit unions.
-
Insurance
Stay on top of regulatory requirements with real-time reporting that gives every user risk ownership.
-
Fintech
Manage risk and compliance with a platform designed for rapid growth in a rapidly changing environment.
-
Education
Manage risk with a platform configured to support staff, students and your business needs.
-
Government
Manage risk and compliance with a platform configured to meet the needs of government entities.
-
Aged care
Manage risk and compliance with a platform designed to enhance safety and accountability in aged care.
See the risks. Seize the opportunities.
Manage all your risks in one place. A single platform with endless possibilities to add to your business’s safety and success. Try it now!