Build Resilience Into Your Organization
One platform for BCMS, risk, CMDB and compliance. Unify BIA, 8 plan types and 36 risk methodologies in a single workspace.
One platform, every discipline of resilience
ResiPlan unifies business continuity, risk, compliance, crisis and more into a single GRC workspace — no more scattered tools and spreadsheets.
Business Continuity
ISO 22301 BCMS: BIA, 8 plan types, exercises, reflex cards and maturity — the resilience backbone.
Risk Management
36 methodologies (ISO 31000/27005, EBIOS RM, FAIR, Monte Carlo, Bow-Tie) in one quantified register.
Risk Intelligence
Physical & climate risk scoring per property for insurers and reinsurers, fed by official geo-hazard data.
CMDB & Supply Chain
Living asset inventory, CI relationships, suppliers, contracts and third-party risk scoring.
Multi-framework Compliance
DORA, NIS2, NIST CSF and ISO cross-mapped with gap analysis and an immutable audit trail.
DORA Suite
Register of Information, program orchestrator, critical functions and ROI — end-to-end DORA readiness.
Product Security & CRA
Cyber Resilience Act compliance: PDE registry, SBOM, coordinated disclosure and Annex I evidence.
Crisis & Incident Management
Crisis-gaming tabletops, digital reflex cards, communication cascades and incident command.
AI Analyst & Agents
AI drafts plans, analyses contracts, detects gaps and produces management-ready reports in seconds.
Climate & ESG
Carbon footprint, TCFD-aligned climate scenarios and ESG assessments across your organisation and suppliers.
Governance, Privacy & Ethics
Policies, board reporting, a GDPR privacy suite (RoPA, DPIA) and an ethics hotline in one governance layer.
Operator & MSP Mode
One operator account managing N isolated client tenants with reusable methodologies and white-label reporting.
Your challenges, our solutions
From the boardroom to the crisis room, ResiPlan is built for every role that carries resilience across your organisation.
CISO
Regulators, auditors and the board all want proof of control. Every framework demands the same evidence in a different format.
Centralised controls, policies and audit trails, mapped to ISO 22301, NIS2, DORA and NIST CSF automatically.
Risk Manager
Risk registers drift, methodologies differ across business units, and quantifying exposure in euros is still a spreadsheet exercise.
36 native methodologies (ISO 31000/27005, EBIOS RM, FAIR, Monte Carlo, Bow-Tie) feed one risk register with consolidated dashboards.
Business Continuity Manager
BIAs get outdated, exercises are painful to coordinate, and reflex cards live in binders no one opens during an incident.
Live BIAs, 8 plan types, crisis-gaming simulations and reflex cards, one click from any device, online or offline.
Compliance Officer
DORA, NIS2 and sector-specific rules overlap. Mapping them manually eats weeks and still leaves gaps.
Cross-framework mapping, gap analysis, regulatory watch and evidence-ready reports make compliance a continuous workflow.
Product Security Officer
The Cyber Resilience Act lands in 2027: CE marking, SBOM, coordinated disclosure and 5-15 year support with no tooling in sight.
PDE registry, automated CycloneDX/SPDX SBOM with CVE cross-reference, turnkey CVD portal and an Annex I evidence matrix.
MSSP & Consultants
Every client engagement restarts from a blank page, tenants blur together, and proving recurring value is a manual slog.
One operator account, N isolated client tenants, reusable methodology templates and white-label, evidence-backed reporting.
IT & Supply Chain Manager
Shadow IT, undocumented dependencies, supplier concentration and contract renewals that slip until a third-party incident cascades.
A living CMDB with CI relationships, supplier & contract registry, third-party risk scoring and a DORA Register of Information.
Crisis & Incident Manager
Exercises are hard to run, comms turn chaotic under pressure, and post-incident lessons vanish before the next drill.
Crisis-gaming tabletops, digital reflex cards, communication cascades and incident timelines that feed lessons learned automatically.
Everything you need for resilience & compliance
One workspace for business continuity, risk, compliance, crisis and AI — assess, plan, test and prove resilience across your whole organization.
AI BIA Generator (NEW)
Resiplan AI reads your sector, processes and frameworks (DORA/NIS2/CRA) and generates a tailored BIA questionnaire in 30 seconds — not 3 weeks of consulting.
Dependencies Pro + Cascade Simulator (NEW)
Unified 6-layer dependency graph, time-propagated cascade simulator with cumulative EUR cost, AI-discovered missing dependencies, RTO/RPO consistency check, SPOF heatmap.
Native Mass Notification (NEW)
SMS, voice, email, push, Slack, Teams, WhatsApp — triggered directly from incidents, plans or exercises. Safety check-in, auto-escalation, GDPR-first, EU-hosted. No separate Everbridge contract.
Business Impact Analysis
Identify critical processes, assess dependencies, calculate RTO/RPO targets, and quantify the financial impact of disruptions on your operations.
Continuity Plans
Create and manage BCP, BRP, DRP, IRP, CMP, ERP, CCP, and SRP plans with AI-assisted generation, version control, and automated review cycles.
Risk Management
Leverage ISO 31000, EBIOS RM, FAIR, Kinney, Monte Carlo simulations, and Bow-Tie analysis for comprehensive risk identification and treatment.
Asset Management (CMDB)
Maintain a complete inventory of applications, servers, contracts, and vendors. Map dependencies and track criticality across your IT landscape.
AI Assistant
Meet Resi, your AI-powered BCM assistant. Generate plans, analyze risks, get compliance recommendations, and automate repetitive tasks with Resiplan AI.
Real-time Collaboration
Work together with your team in real-time. Role-based access control, approval workflows, audit trails, and multi-organization support built in.
See the attack spread before it happens
A Monte-Carlo simulation replays, hour by hour, how a compromise spreads across your real network. You see which assets fall first, and when.
- Built from your CMDB: real vulnerabilities (CVSS, KEV, EPSS) and network topology
- Compromise-probability curves over time, asset by asset
- IT and OT lateral movement, tagged with MITRE ATT&CK
Jour 0 / 21
Complete Coverage for Every Scenario
ResiPlan supports all major continuity and recovery plan types, ensuring you are prepared for any disruption scenario.
BCP
Business Continuity Plan
BRP
Business Recovery Plan
DRP
Disaster Recovery Plan
IRP
Incident Response Plan
CMP
Crisis Management Plan
ERP
Emergency Response Plan
CCP
Crisis Communication Plan
SRP
Supplier Recovery Plan
Reflex
Reflex Cards
Each plan type includes templates, AI-assisted generation, approval workflows, version control, and automated review scheduling.
Even non-experts know what to do
Every module ships a plain-language guided course — understand, do it step by step, best practices, FAQ and a cheat-sheet. 27 courses across the platform.
Understand
What the module does and why it matters.
How-to
The concrete steps, where to click, what you get.
Cheat-sheet
Glossary, best practices and quick links.
Risk Analysis That Goes Beyond the Basics
Choose from 10+ industry-standard methodologies or combine them for multi-dimensional risk visibility. From qualitative frameworks to quantitative Monte Carlo simulations.
ISO 31000
International standard for risk management with customizable risk matrices and treatment plans.
EBIOS Risk Manager
French ANSSI methodology for cyber risk analysis with feared events and attack scenarios.
FAIR Quantitative Analysis
Factor Analysis of Information Risk for financial quantification of cyber risks in monetary terms.
Monte Carlo Simulations
Run thousands of probabilistic simulations to model uncertainty and generate confidence intervals.
Kinney Method
Probability-exposure-consequence scoring for operational and safety risk assessment.
Bow-Tie Analysis
Visual risk analysis linking threats, controls, and consequences with interactive diagrams.
Risk Heatmap
Likelihood vs Impact
Built for ISO 22301 Compliance
Every feature in ResiPlan maps directly to ISO 22301 clauses, making certification audit preparation seamless and straightforward.
Clause 4 - Context of the Organization
Define scope, understand stakeholder needs, and map internal/external factors affecting continuity.
Clause 5 - Leadership
Role-based access, policy management, and organizational commitment tracking.
Clause 6 - Planning
Risk assessment, business impact analysis, and continuity objectives definition.
Clause 7 - Support
Resource management, competence tracking, communication plans, and documentation control.
Clause 8 - Operation
BIA execution, risk treatment, continuity strategies, plans, and exercise management.
Clause 9 - Performance Evaluation
Monitoring, measurement, internal audits, and management review processes.
Clause 10 - Improvement
Nonconformity handling, corrective actions, and continual improvement tracking.
10 frameworks, 6 countries. One assessment.
Assess a control once — ResiPlan carries your posture across ISO 27001, NIS2, DORA and national frameworks: CYRA & BIO (NL), CyFun (BE), BSI (DE), ANSSI (FR), ENS (ES), FNCS (IT). In the GAP analysis: rate ISO 27001 once and CYRA auto-fills (cross-mapping).
Built for your sector
Tailored continuity and resilience templates for regulated and critical industries.
For consultants & firms: every client, one workspace
Manage up to 50 client organisations, each in a fully isolated tenant. One operator licence covers every client — buy once, deploy everywhere.
Plug in your AI agents and automations
ResiPlan ships a standard MCP server and signed webhooks — your assistants and workflows reach your BCMS data securely.
MCP server
Model Context Protocol (stdio + HTTP). Connect Claude Desktop, n8n, Make or Zapier to your ResiPlan data.
Hermes agent
Read & write agent integration with signed outbound webhooks (HMAC-SHA256) to automate your compliance workflows.
OpenClaw agent
OpenClaw integration in the works — orchestrate analyses and reports through the OpenClaw agent.
Your field companion, in your pocket
ResiGuard, the ResiPlan mobile companion: manage incidents and activate your crisis cells (EOC) in real time, get critical alerts within seconds, and consult your plans (BCP/DRP/IRP) even offline.
Critical push notifications · full offline mode · GIS mapping · AI Crisis Copilot.
Generate a DRP for our customer-facing web application with RTO of 4 hours.
I will create a comprehensive Disaster Recovery Plan for your web application. Based on the 4-hour RTO, I recommend a warm standby strategy with automated failover. Let me draft the plan with recovery procedures, team responsibilities, and testing schedule...
Your AI-Powered BCM Copilot
Resi, powered by Resiplan AI, understands business continuity. Ask questions, generate plans, and get intelligent recommendations in seconds.
Plan Generation
Generate complete continuity plans from BIA data and organizational context.
Risk Analysis
Analyze risks across multiple methodologies and suggest treatment strategies.
Smart Recommendations
Get compliance gap analysis and actionable improvement suggestions.
Task Automation
Automate review scheduling, notification workflows, and report generation.
Run GRC for all your clients, one console
Operate ResiPlan for several client organizations — each a fully isolated tenant. One license, one login, a cross-client compliance portfolio.
Explore the consultancy offerSecurity You Can Trust
Your continuity data deserves the highest level of protection. ResiPlan is built with enterprise-grade security from the ground up.
End-to-End Encryption
All data encrypted at rest and in transit with TLS 1.3 and AES-256 encryption standards.
Multi-Tenant Isolation
Complete data isolation between organizations with role-based access control at every level.
Compliance Ready
SOC 2 aligned practices, audit logging, and GDPR-compliant data handling built into the platform.
Frequently asked questions
Start Your 7-Day Free Trial
Join organizations that trust ResiPlan to protect their business continuity. Full access to all features, no credit card required.
No credit card required. Cancel anytime.