Prisms logo Prisms app screenshot on a laptop

How does Prisms help you?

Prisms: plain English

Plain English

The ISO-world is full of jargon and management speak. That's not just depressing; obscure language locks people out, which is downright dangerous. That's why our interfaces give clear guidance in plain English.

Prisms: spot-on security

Spot-on security

Too little security is dangerous, but too much is unaffordable. That's why Prisms makes sure that every security measure is justified. No more vague "just in case" security procedures. Every measure must count.

Prisms: everything in sync

Everything in sync

Unless you have superhuman discipline, documentation in traditional ISMS gets out of sync fast. Prisms keeps track of the relations between threats, policies and procedures, and keeps them perfectly in sync.

Prisms: transparency

Full transparency

In Prisms, everyone is trusted. All users can see the company's entire security policy. There's an account owner who manages the account, and there's everybody else — that's it.

Prisms: no blame

No fingerpointing

Prisms doesn't do blame games. 
If a team member doesn't follow a procedure, we treat it as an organizational problem, not the team member's problem.

Prisms: simple risk assessment

Evidence-based risk assessment

The traditional risk assessment matrix is broken. We use real metrics and Bayesian statistics so you learn and improve the exact cost of risks and controls over time.

How does Prisms work?

Prisms helps you implement, enforce and maintain your information security policies based on ISO-27001.

The ISO-27001 standard leaves plenty of room for interpretation. While that is how it should be given the wide range of companies that it needs to be suitable for, it also means inventing a lot of wheels.

Companies within the same industry and with similar cultures however will make a lot of similar decisions. This is where Prisms comes in.

We have built Prisms for ourselves, and we hope it helps other tech companies like us to get their ISMS up and running.

Prisms will be offered as software as a service. You can try it for free, and use it for as long as you want. There are no long-term commitments.

  1. Set the scope and write a policy introduction for your team mates using our starter content as a foundation
  2. Add your risk assessments, policies and procedures
  3. When you're done, start using Prisms by switching it to "active" mode
  4. Prisms reminds you what to do, and when
  5. Keep an eye on the statistics to see how you are doing
  6. Use Prisms self-improvement features to get more secure over time
  7. When it's time for your audit, share an account temporarily with the auditor

Get notified when Prisms launches in Q4 2017!

We may also send you the occasional update on our progress.

We won't spam you or share your email address with anyone, and you can unsubscribe at any time.

Or, Follow us on Twitter for updates.