Skip to content

The tool

Diri has a groundbreaking methodology and software for risk management of cyber security.

Diri is the best tool on the market for risk analysis and controlling cyber security. The tool is research-based, and it has years of hands-on experience from risk analyses incorporated. Innovation in risk management tools has been low in the last years, and sheets in Excel are the most used. In several cases, companies have prepared the analysis in Excel and then brought it into the risk management tool. Diri will help you start at the right end and gather everything in one place.

Features

Illustration.

Risk dashboard

Get a complete overview of your aggregated risk picture with our customisable dashboard. Choose from over 20 dashboard cards with relevant statistics for your security management. Track your company risks, work progression, and much more.

Illustration.

Risk assessment

Our state-of-the-art risk assessment method provides a streamlined, easy-to-use, and high-quality approach to cybersecurity. The Diri risk assessment consists of five easy-to-follow steps and is a novel and user-friendly implementation of the Bow-Tie risk analysis. 

Illustration.

Risk treatment plan

Use the novel Diri cost-benefit analysis to find your ICT systems’ most cost-efficient risk treatments. Delegate treatments and deadlines to users and track the implementation progress.  



Illustration.

Risk reporting

Use Diri to print ready-to-deliver risk assessment reports. You can also tailor roles to access reports in Diri or simply use data from the app in your own reports.


Illustration.

Data export and import

Import your existing ICT system portfolio into Diri to get started quickly. Export data about your portfolio or specific risk assessments. 



Illustration.

Risk, asset, and treatment registries

Are you wondering where your most crucial risks are located? Or where the personally identifiable information is stored? No worries, Diri provides comprehensive and searchable risk, asset, and treatment registries. 

Illustration.

Collaborate on risk assessments 

Risk assessments are teamwork! Collaborate in the workshop format or de-centralised using Diri to produce high-quality assessments. Add co-owners and invite others to help with your risk assessment simultaneously.  

Illustration.

Survey

Tailor your surveys and gather data with the survey tool embedded in Diri. You can design your questionnaires or risk analysis approach using the survey tool. 


 

Illustration.

Tasks

Need a specific task done? Use tasks to manage your security processes by creating and assigning responsibility for conducting tasks such as risk assessment, filling out a survey, or other activities.

Illustration.

Copy, re-use, and share 

Diri is all about simplifying your work processes. You can copy whole existing risk assessments to new places and re-tailor them. The copy function allows you to configure which parts to copy such that sensitive information doesn’t go astray.  

Illustration.

Diri control matrix 

Conduct security audits like never before with the Diri control matrix! It is an innovation that lets you visualise your security controls for in-depth security analysis. The control matrix allows for drill-down and adds significant transparency to your security evaluation. 

Illustration.

Rest API 

Do you already have existing ticketing or business management system? No problem; Diri is built for data import and export and easily integrates into existing systems through Rest API.  


Screenshot from the tool.

The work process

Dots.

Diri adds a streamlined and user-friendly process to accomplish the evaluation of risks. The process is based on best practice ISO27005 and research from NTNU is used to design the content of the tool. 

Diri uses system mapping as the entrance to risk management but is not limited to this. You can assign ownership to systems and tasks in system mapping with automatic follow-up. The steps in each system are to:

  • Registrate important details about the system
  • Map and value the information in the system
  • Risk assessment of the system
  • Review and prioritisation of measures
  • Sign and approve the risk assessment

The user can set the revision time on the completed assessments, and Diri will notify him when it’s time to update the assessment. The streamlined process makes it easier to merge the results for reporting.


Screenshot from the tool.

Risk assessment in Diri

Dots.

Have you ever had to repeat the same risk or cause several times because of different consequences? So have we. The Excel sheet gets far too long, and the same measures must be repeated for other risks. Or maybe you had to write a lengthy report based on the results from a workshop? We have solved these problems in an elegant matter!

Focusing on developing a tool that works on its own, in cooperation with others, and for analyses in a workshop gives a device with everything in one place and an easy way to create reports. 

Risk assessment in Diri is based on Bowtie-analyses, which means you build a big and complex model with causes and consequences for an unwanted incident. But making one model after another will not be enough in a complex world as cyber security is, where an attack can lead to several events, and the measurements will affect both events and systems. Diri has, therefore, further developed the Bowtie method to the state-of-the-art by making it as user-friendly and time-saving as possible.

We are sure that the Diri risk assessment tool is the best in the market.

Illustration of cost-benefit.

Dynamic cost-benefit analysis in Diri

Dots.

The action plan is an essential part of the risk assessment work since it describes what needs to be done to achieve an acceptable level of risk.

Diri has used many resources to make a dynamic and straightforward action plan that summarises the measurements directly from the risk assessment. The action plan is based on evaluations of how much it will cost to implement a new treatment and the benefit of how it’s affecting the risk. This allows you to experiment with measurements to find the best solution possible, your budget considered.

Illustration of a computer with the Diri software.
Illustration of cyber security.

Adhere to NSM Basic Principles with Diri 

Dots.

You can easily adhere to NSM Basic Principles of Safety Management (NSM Grunnprinsipper) with Diri! NSM (Norwegian National Security Authority) has published the Basic Principles for ICT Security. A framework that’s considered best practice for basic safety mechanisms that most Norwegian companies should have in place. They have also published several basic principles. We believe that the most important document among these is Basic Principles for Safety Management (GFS), as it forms the basis for all other safety work and sets the proper context for the business.

ISO27005 is the industry standard for risk management of information security, and the experienced security expert quickly sees that the activities in GFS are closely linked to the workflow in ISO27005. This suits us in Diri well with our ISO27005 support. We do not describe the requirements from NSM in detail, but we discuss how you can meet the needs by using Diri. We refer to NSM’s original document to see the requirements in full.

You can also read an article about this in our community (in Norwegian).

Illustration of cyber security.

Diri security

Dots.

Diri provides Software as a Service (SaaS) products to our users to solve their business problems. Security is a key component in our offerings and reflects our people, process, and products. Read more about how we offer security to our customers.

Video of the tool

Dots.

Take a look at the features in Diri in this video.

Illustration.

Get the best tool

Diri has a groundbreaking methodology and software for risk management of cyber security. Get the best tool in the market – try Diri.

Get started with Diri