


- Multi-user work
- Import data from Excel, CSV
- API for data entry (REST, JSON)
- Print and export all data to Excel, PDF, Word

Interface and integrations



"AlterRisk optimizes and speeds up all procedures related to documenting ISO standard requirements. By introducing the AlterRisk platform in our business and using it to document the process, our work has been facilitated and accelerated, all information is easily accessible and clear."

CISO, Analyticom

"AlterRisk is a configurable and flexible tool, with the ability to load catalogs into the database and the ability to upgrade and integrate with external systems. It works very stably and has no bugs. It follows best practices in GRC processes and can be implemented in any size IT system."

CISO, IN Rebus

"AlterRisk has proven to be an extremely powerful solution for the systematic management of all important processes related to information security."



+385 1 3873 409

Ožujska 4, 10000 Zagreb, Hrvatska

All rights reserved. © 2021.



Whether your time-saving automation needs are large or small, we’re here to help you scale. We offer three subscription plans:

IT GRC includes the processes of establishing a control environment, information risk management as part of day-to-day operations and checking compliance with the set control environment (Governance, Risk Management and Compliance).

IT GRC platform for information security management tasks.

Defines the mechanisms used by the organization to ensure that everyone in the organization follows defined processes and policies/rules.


The process by which an organization sets an acceptable level of risk, analyzes and processes risks, and prioritizes them according to the organization's business objectives.

Risk management

A process that records and monitors the controls needed to ensure compliance with laws, regulatory obligations and internal policies/rules.


- Knowledge base of controls and their connections with known standards (ISO 27001:2013, ISO 27002:2013, ISO 22301:2019, CobiT, NIST, PCI DSS, CNB Decision, GDPR, Cyber Security Regulation)
- Selection of KPI metrics for performance monitoring of the information system from the knowledge base
- Management of findings/vulnerabilities/non-compliances and recommendations



- Risk assessment by projects
- Automatic risk identification from the knowledge base
- Connection to the system of internal IT controls
- Selection of controls from the knowledge base

Risk management


- Creating a register of information assets
- Development of a catalog of IT services and processes (ITIL)
- Support for conducting BIA business impact analysis

Asset management


- Keeping a register of records of personal data processing
- Conducting DPIA analysis
- Consent management
- Management of requests for exercising the rights of data subjects
- Management of personal data breaches by processing


