Multiple departments, one RED INTO GREEN subscription
Price includes an unlimited number of user accounts per organization.
Subscriptions for your organization
When choosing the type of subscription, you indicate the type of module and also specify the number of employees in your organization, the number of ICT providers, the number of supporting assets. You can purchase RED INTO GREEN as a SaaS application subscription or as an on-prem version.
Details of the functionalities in the RIG DORA module
-
Registers
(documentation archive)- Incident registers
- Process registers
- Register of suppliers
- Security register
- Vulnerability register
- Threat register
- Information register for all contractual arrangements for the use of ICT services provided by external ICT service providers
- Register of contracts with suppliers
- Register of DPO contact details
- Register of contractual provisions
-
Assessments
- Supplier compliance assessments
- Incident assessments
-
Logs
- Compliance Officer’s logbook
-
Repository
- DORA risk management framework
-
Automatically checking the impact of a given plan on the level of risk in the organization
- Flexible selection of the level: threat, asset, vulnerability
- Selection of areas to create a plan (information security according to ISO 27001, business continuity according to ISO 22301, personal data)
- Choice of impact modalities – reducing the likelihood of the threat materialising, reducing the impact, reducing the likelihood of the impact occurring
- Enabling or disabling the plan and preview of its operation in analytical functionalities
-
Surveys
- ICT vendor surveys
-
Automated assessments
- Information security risk assessments
- Risk assessments for business continuity
-
Integrations via API
-
Analytics
- Dynamic filtering
- Adding and rearranging columns and rows (drag&drop)
- Dynamic aggregation
- Building analytical perspectiveswith one, two or more dimensions
- Selecting summary from item counts, summing values, calculating percentages
- Customised reports
- Workflow – tasks for users
-
Organization mapping
-
Reports
- Reports for the management board
- Reports for the supervisory board
- Reports for regulatory authorities
- Reports for counterparties
- Automated reports on assets, vulnerabilities, security, supplies, processes, and much more
-
Dictionaries
Details of the functionalities in the RIG NIS2 module
-
Registers
(Documentation archive)- Incident registers
- Process registers
- Security register
- Vulnerability register
- Vulnerability register
- Register of contracts with suppliers
- Register of DPO contact details
-
Assessments
- Supplier compliance assessments
- Incident assessments
-
Logs
- Compliance Officer’s logbook
-
Repository
- NIS2 Documentation – Risk management measures in cyber security
-
Automatically checking the impact of a given plan on the level of risk in the organization
- Flexible selection of the level: threat, asset, vulnerability
- WSelection of areas to create a plan (information security according to ISO 27001, business continuity according to ISO 22301, personal data)
- Choice of impact modalities – reducing the likelihood of the threat materialising, reducing the impact, reducing the likelihood of the impact occurring
- Enabling or disabling the plan and preview of its operation in analytical functionalities
-
Surveys
- Supply chain supplier surveys
-
Automated assessments
- Information security risk assessments
- Risk assessments for business continuity
-
Integrations
-
Analytics
- Dynamic filtering
- Adding and rearranging columns and rows (drag&drop)
- Dynamic aggregation
- Building analytical perspectiveswith one, two or more dimensions
- Selecting summary from item counts, summing values, calculating percentages
- Customised reports
- Workflow – tasks for users
-
Organization mapping
-
Reports
- Reports for the management board
- Reports for the supervisory board
- Reports for counterparties
- Automated reports on assets, vulnerabilities, security, supplies, processes, and much more
-
Dictionaries
Details of the functionalities in the RIG GDPR module
-
Registers
- Register of processing activities
- Register of categories of processing activities
- Register of incidents and violations
- Register of authorisations
- Register of the exercise of data subjects’ rights
-
Register of disclosures of personal data
- Register of entrustment agreements
- Register of joint management agreements
- Template of the completed register of activities, category register and risk analysis
-
-
GDPR risk assessment, including DPIA
-
Support system
-
Repository
- Entrustment agreements
-
Formal documentation
-
Verification of processors
-
Legitimate interest assessments
-
Reports
-
Data export to Excel
-
DPO Journal
-
Server storage space for additional documents
What else is included in the RED INTO GREEN price?
FAQ
Can I purchase the RED INTO GREEN product as an on-premise variant?
Yes. Talk to our advisor. Sign up for an interview.
Will my data be secure?
Yes. The RED INTO GREEN application ensures security, thanks to its high security standards.
- Individual instance for each client (including separate databases for clients).
- Individual user and password for the application user, optional additional protection for the application instance.
- Two-factor authentication of the user of the application.
- Possibility of defining a password policy (e.g. password length, requirements for character types, validity periods, number of allowed login attempts).
- Automatic deactivation of an inactive user session.
- Management of application user access rights by permission levels.
- Snapshots of data performed on demand by an authorised user.
- Automatic source code testing.
- Source code review process and optimisation.
- Monitoring of the validity of libraries and components used.
- Pentests of applications performed periodically by specialised external operators.
- Multifactor logins to the application hosting panel.
- Backups, at application hosting level.
- Possibility of choosing one of 3 locations at one of the 2 data center vendors (Google Cloud, National Cloud Operator).
- SSO Azure AD access.
Can the RED INTO GREEN app be replaced by Excel?
It is only possible in terms of data collection. By replacing RIG DORA with Excel, the user loses the possibility of a multidimensional and automatically updated risk analysis.
A complete risk analysis requires mapping the organization in multiple dimensions (e.g. processes, supporting resources, data, cooperating entities) – and defining relationships between these dimensions. It is difficult, if not effectively impossible, to carry out a similar mapping using Excel.
By conducting organization mapping in RIG DORA you will ensure accountability.
- You know which user is responsible for creating and modifying a particular entry and when this took place.
- Thanks to the links, stored in the application, you comply and the work carried out for compliance is disciplined through the tool’s data model.
- Updates are simple and fast, e.g. updating a value in a dictionary – will update that value in all places where it is used (e.g. changing the name of a supporting asset – will move to RCP, to risk analysis or to risk treatment plans).
- Automation makes updating the risk analysis down to the click of a single ‘refresh’ button. In Excel, many time-consuming operations would have to be performed, with the risk of error.
- You have the option of conveniently analysing the data in the tool itself, sorting the data according to different criteria. You can easily model a risk heat map or other form to easily find the centre of gravity of risks in your organisation.
- The tool allows you to simulate business continuity plans and verify them on an ongoing basis for your organisation’s readiness for audits.
How does the RED INTO GREEN team help you implement the tool?
When you start with RIG DORA, you can use link mapping templates that have been tested with our existing customers. When you buy RIG DORA, you are guaranteed 2 hours of consultation per month, for the entire duration of your license agreement.
Will the RED INTO GREEN tool work for my organization?
RED INTO GREEN will work in any organization if it approaches its implementation with the intention of actually using it. Secondly, RED INTO GREEN works in organizations that have taken the opportunity to see a demo and verified if they have a specific requirement e.g. an asymmetric risk assessment scale before purchase. This requirement is not supported by RED INTO GREEN.
How will I pass an audit of my organization with RED INTO GREEN?
RED INTO GREEN will enable you to prepare thoroughly for audits. With the ability to automate the generation of risk treatment plans, you can run simulations and verify how the safeguards in place will affect the likelihood of risks occurring or the severity of consequences in light of the requirements of DORA, NIS2 or GDPR. You can generate reports to present to auditors.