verinice is a tool for managing information security.
- Manage your information security
Implement an information security management system according to international standards such as ISO 27001. Take control of your important IS assets, identify and avoid inherent risks and generate reports to satisfy both management, auditors and your own ambitions.
- Control information security risks
Conduct risk assessments according to ISO 27005. Identify and report
high risk assets and put out your regular risk assessment report with
just a few mouse clicks. The yearly updated database of more than 1,000
generic but detailed threat scenarios will make your
task easier than ever.
- Conduct audits
Use the special audit perspective to conduct audits of your own organization or your vendors. Attach work papers and evidence (such as the picture of the dripping faucet right next to the most important server) to your controls and generate an audit report with just a few mouse clicks. Track and compare audit results over time.
- Using existing information
You can import any data which you might already have into verinice. No matter if it's a list of assets, controls or employees. You can use an existing inventory database, but if all you have is a couple of excel sheets you can import them just as well. The synchronization feature means that you can import the same list more than once and verinice will automatically update, insert and delete elements to accurately reflect all changes.
verinice uses BIRT reporting, the same engine that is used in IBMs Tivoli(R) software, for example. Report tables and charts come directly as PDF, XML or HTML files. Many predefined reports are included which we can easily adapt to fit your needs 100 percent. The BIRT Report Designer is also freely available if you want to work on the templates yourself.