For Risk Managers
Unify 36 risk methodologies into one data-driven register.
Your daily challenges
Risk registers drift across units
Each business line keeps its own spreadsheet, so consolidating exposure at group level always produces contradictory numbers.
Methodologies never agree
Qualitative scores, FAIR loss distributions and Kinney ratings cannot be compared, so the board sees four versions of the same risk.
Appetite versus exposure is blind
Risk appetite statements live in a policy no one reads, and you have no live signal when business activity breaches tolerance.
Quantitative analysis stays in spreadsheets
Monte Carlo and FAIR simulations live in macro-heavy files that break at every update and cannot be reused between teams.
How ResiPlan helps
Single risk data model
One taxonomy and one register shared across units, with scoped views so each team only sees what it owns while the group sees everything.
Methodology-agnostic engine
Switch a risk from qualitative to FAIR or Monte Carlo without rekeying data, and compare scenarios in the same heat map.
Appetite, tolerance and KRI alerts
Declare appetite per category, configure KRIs and receive alerts when live data breaches tolerance, long before year-end reviews.
Board-ready reporting
Dashboards, top-risk reports and euro-denominated exposure charts are generated from live data, no more manual PowerPoint cycles.
Key features for you
ISO 31000 / 27005
Full coverage of ISO risk management principles with context, appetite, assessment, treatment and monitoring built in.
FAIR quantitative
Factor Analysis of Information Risk with loss event frequency, magnitude distributions and aggregated ALE in euros.
Monte Carlo
Run thousands of simulations per scenario with deterministic seeds so analyses are reproducible and auditable.
Risk appetite & KRI
Appetite statements per category, KRI thresholds and real-time alerts when exposure drifts outside tolerance bands.
Bow-Tie analyses
Model preventive and recovery controls around each risk event with inline effectiveness scoring and audit evidence.
Heat maps & reporting
Dynamic heat maps, top-risk exports and board-ready dashboards that refresh automatically from the live register.
Before vs after ResiPlan
Without ResiPlan
- Dozens of risk spreadsheets across units
- Methodologies cannot be compared head-to-head
- Quantitative analysis trapped in macro files
- Appetite breaches discovered at year-end
With ResiPlan
- One consolidated register shared across the group
- ISO, FAIR, Kinney and Monte Carlo in one model
- Simulations reproducible and reusable by everyone
- Appetite and KRIs monitored in real time
What your peers say
We kept ISO 31000 governance while adding FAIR and Monte Carlo on top, and the board finally got a euro-denominated view of cyber risk. No more arguments about which spreadsheet is right.
Frequently asked
Can we mix qualitative and quantitative methodologies?
Yes. Each risk can carry a qualitative rating, a FAIR distribution and Monte Carlo outputs simultaneously, so you pick the right lens per audience.
How do you calibrate FAIR inputs?
ResiPlan ships calibration workshops, PERT-based elicitation and benchmarks. Inputs are versioned so you can track how assumptions evolve over time.
Do you compute VaR and CVaR?
Yes. Each Monte Carlo run exposes VaR, CVaR, median and tail percentiles, and you can compare scenarios side by side in the same chart.
Can correlations between risks be modelled?
Yes. Risks can share loss drivers and correlation matrices, so aggregated exposure accounts for clustered events instead of naive summation.
How do we report to the board?
Prebuilt board packs export top risks, appetite breaches, KRI trends and quantitative exposure to PDF or PowerPoint in one click.