Digitalization does not stop at the automotive industry. Driven by the demand for more effectiveness and efficiency, all value creation processes are increasingly directly or indirectly dependent on IT systems. CRISAM® calculates the required IT qualities for an optimal cost/benefit ratio and enables the compliance proof for the VDA requirements at the push of a button!


  • What threats does the use of IT represent to the business?
  • How much IT does the business really need?
  • How secure is IT?

Only a holistic IT Risk Management can support you in answering these questions in a comprehensible and transparent way.

CRISAM® evaluates your entire IT with the help of its numerous knowledge packs, from the application to the servers to the power supply in relation to the state of the art. The compliance mappings that are part of the content libraries allow you to serve different internal and external auditors and auditors in your “language” and save a lot of time and money in audit preparation. With the integrated analysis tools, you immediately recognize where the greatest need for action exists and which measure reduces the overall risk the most.

For IT risk management, CRISAM® obtains state-of-the-art information from the German BSI Basic Protection Manual, the ISO27000 series of standards, ITIL, Cobit and other sources. In addition to this, the requirements of the guidelines for ICT risk assessment as part of the supervisory review and evaluation process (SREP) of the European Banking Authority (EBA) are available as content and are updated cyclically. Thus, the planning and implementation for a fulfillment of the EBA ICT requirements for information security is optimally supported by CRISAM®.

This allows you to make optimal decisions. You can configure your CRISAM® as a user, without the support of a software specialist. CRISAM® supports you in making the best decisions!

CRISAM® makes it easy to set up and develop an information security management system.

  • the IT models against which you measure the impact of risks and measures
  • the report with which you inform the decision maker
  • your dashboard, with which you visualize and monitor the risk management process
  • the workflow you use to communicate with stakeholders in the risk management process


  • Compliance with VDA-TISAX based on the current information security assessment catalog
  • Risk-oriented and scientifically proven assessment method
  • Standard software without additional programming effort
  • ISMS content (current question catalog incl. answer guides)
  • Compliance to ISO 27001 at the push of a button
  • Web access & workflows
  • Cost-benefit analysis with simulation engine

let's keep in touch ///