Publication of OpenTRICK as open source tool

Posted June 2024 by Lynn Pinto & filed under News.

itrust consulting published the open source version of TRICK Service and added it the list of publications. OpenTRICK is a web-application supporting risk assessment and treatment.

OpenTRICK (formerly called TRICK Service) is a full-featured risk management tool, assisting in assessing risk, planning actions, as required by an ISO/IE 27001 compliant information security management system (ISMS).

OpenTRICK on Github

WBaaS request form

Posted June 2024 by Ritika Pande & filed under News, Publications.

Use the following form to register your organization for setting up a reporting channel using WBaaS (Whistleblowing as a Service) of itrust consulting

Please enable JavaScript in your browser to complete this form.

Name (legal representative)

Role / Job title

Company

Phone number

Address

Address Line 1

Address Line 2

City

State / Province / Region

Postal Code

Country

VAT Nr.

The responsible person who receives the whistleblowing reports from itrust consulting is, by default, the ordering person.

We appoint a different person to receive the reports - if selected, please fill details hereafter

To ensure clarity, ease of understanding, anonymity and the non-use of personal data, itrust consulting processes and checks reports before forwarding them to the responsible customer contact.

If clarification is needed, itrust consulting will contact the whistleblower via the WBaaS platform ensuring their identity remains anonymous.

The refined report will then be sent to the responsible customer contact.
Ideally, the customer contact person should have no conflict of interest in the processing of whistleblowing reports.

Please note that the law (active since 17.12.2023) stipulates that companies/communes have 3 months to process whistleblowing reports.

Name (responsible for receiving and handling the reports)

First

Last

Role / Job title

Phone number

As we need your company logo to set up your company's profile for the reporting channel on our platform, please drop one image of file type .png, .gif or .jpg. of max. 10 MB file size.

the .jpg. drop

Please chose the category your company is part of.

Entity with no legal obligation (company with less than 50 employees or administration with les than 10000 inhabitants).
SME or administration ( Company with more than 50 employees or administration with more than 10000 inhabitants).
Entities with more than 250 employees.

Your comments / additional details

Communication consent

In addition, I consent to receive news about itrust consulting by email (typically 2 emails per year).

Custom Captcha

What service are you currently enroling for? (Acronym)

WBaaS

Posted June 2024 by Ritika Pande & filed under News, Publications.

Whistleblowing as a Service (WBaas)

Description

Whistleblowing as a Service is a service provided by itrust consulting that enables employees to report violations of laws and regulations within an organisation without fear of negative consequences.
Since 17 December 2023 (the activation date of Luxembourgish Whistleblower Law A232), a dedicated channel for internal reporting has been mandatory for companies with over 50 employees and communes with over 10,000 inhabitants.
Companies wishing to use this service from itrust consulting need to register here to set up a reporting channel.

The website for reporting violations is https://wbaas.itrust.lu
Once your order has been confirmed, your company will be added to the list of partners using this WBaaS reporting service.

How to order the service ‘Whistleblowing as a Service’ (WBaaS) for your company

Based on the details you have provided in the form below, itrust consulting will send you an order document.
You can then confirm the order by signing the document and returning it by post. Alternatively, you can scan the signed document or sign it electronically and email it to ‘info@itrust.lu’.
Please note that the service will only be executed upon receipt of the confirmed and signed order document.

Click here for submitting a webform to request to set up a reporting channel.

Simplify DORA, GDPR, and ISO Standards Management with Extracted Excel Tables

Posted June 2024 by Ricardo Santos & filed under News, Publications.

itrust consulting in collaboration with CyFORT launched its Standards Distribution Initiative, aimed at providing standards file and other helpful files in Excel format. These files are designed for seamless integration with popular open-source tools like Ariana and OpenAriana, OpenTrick. The initiative enables organizations to easily generate policies, conduct risk assessments, perform audits, and more, all while leveraging the power and flexibility of open-source solutions.

By offering standards in a standardized Excel format, itrust consulting simplifies the process of aligning with international standards and enhances the effectiveness of risk management and compliance activities. This initiative supports a wide range of applications, ensuring that businesses can efficiently manage their ISO-related tasks using the tools they know and trust.

Click for downloading free to use excel files
Click here for submitting a webform to request ISO/IEC standards file by license holders

itrust consulting published CS-GRAM open source tools

Posted May 2024 by Ingo Senft & filed under News.

itrust consulting published a set of tools for risk assessment and management, audit reporting, key performance indicator monitoring, and policy and procedure management specific to cloud services to implement and assess the security requirements and risks for cloud infrastructures and services on GitHub and all publication are also added to the list of publications.

CS-GRAM, short for “Cloud Services-Governance, Risk management, Audit, and Monitoring”, a toolset providing cloud security governance features such as policies, risk assessment models, audit templates, and KPI, is a sub-project of the CyFORT project, which in turn stands for “Cloud Cybersecurity Fortress of Open Resources and Tools for Resilience”.

Open source tools available:

ARIANA (on GitHub), short for “Assistance for Reporting on Information system Audits with Normative Assessment”, is designed as an add-on to Microsoft Word and Excel applications and provides a simple and reliable process for creating policies, creating or updating audit reports, managing Excel and Word-based records of processing activities compliant with GDPR, and providing additional Word and Excel utilities useful to consultants in their day-to-day work, published on itrust consulting website.

OpenARIANA (on GitHub), has been developed to address the repetitive task of creating policies, particularly Information Security Management System (ISMS) policies, published on itrust consulting website.

DRAW (on GitHub), is used to graphically represent assets and their corresponding dependencies as well as to synchronize with TRICK Service, published on itrust consulting website.

Trick2MonarcApi (on GitHub), a Java API for MONARC, which allows risk information from other sophisticated risk management tools such as TRICK Service to be imported by facilitating changes to the MONARC JSON data file, published on itrust consulting website.

Link to itrust Abstractions Lab

“Move securely within the cyberworld”

Posts Categorized: News