IdS Risk

Risk management and compliance in practice – built in close collaboration with Norway's most regulated industry – finance

IdS Risk helps organizations document and manage risk in a controlled manner – with structure, insight and traceability. The solution gathers risk assessments, supplier control, notifications and documentation in one shared platform, giving you better decisions, faster follow-up and audit-ready compliance.

The module supports change risk through PoPS (Product and Process Scoring), and provides data-driven overview via dashboards and visualization. The solution is continuously developed to meet regulatory requirements – including NIS2/DORA and requirements for internal control and third-party risk.

PoPS: risk assessment of changes – with proper involvement and decision-making

Standardize risk assessment of changes in products, processes and systems. Dynamic forms, automatic inclusion of relevant disciplines, status steps and approval workflows ensure changes are anchored and decided at the right level.

Dashboards and visualization

Get quick overview without Excel/Power BI: interactive dashboards and graphical reports with access-controlled insights. Export illustrations as PNG to PowerPoint/Word for management dialogue and audits.

Supplier register with compliance focus

Strengthen third-party risk and compliance with improved structure, note fields and filtering (e.g., suppliers without contract, without audit, awaiting response). Enables quick identification of gaps and better follow-up.

Notifications, deadlines and responsibilities – nothing slips through

Automatic notifications to responsible parties for deadlines, incidents and follow-up. Makes it easier to maintain control over risk assessments, supplier follow-up and internal control in practice.

Collaboration and full traceability

Discussion thread per case keeps clarifications and documentation collected where they belong. Attachments, history and audit log provide traceability from assessment to decision and action.

Form builder for controls and risk assessments

Build and customize forms with all field types, conditions and structure – for controls, self-declarations, risk assessments and internal processes. Supports rapid changes for new regulatory needs.

Continuous adaptation to DORA and NIS2

Developed continuously in dialogue with customers to cover DORA requirements for supplier management, ICT services and documentation. Planned internal control functionality makes controls, tasks and follow-up more systematic and audit-ready.

Document uploads

Upload and store all contract documents and attachments for easy access.

Access control for cases and reports

Easy management of access to cases and reports with full history, ensuring information is shared in a controlled manner.

Screenshots from IdS Risk

Selected screenshots showing the user interface and functionality.

Target Groups & Use Cases

Who is IdS Risk suitable for? The solution is especially relevant for:

Compliance and internal control officers: Document compliance, measures and decisions in an audit-friendly way – with traceability across changes and suppliers.
Risk management (2nd line): Standardize risk assessments and quality assurance, and get a comprehensive risk picture for management dialogue and priorities.
CISO / IT security: Ensure changes are properly assessed (CIA, access, exposure), and that findings and reservations are documented and followed up.
Management and decision-makers: Get dashboard-based insight into status, trends and risk areas – without manual reports.

Typical use cases:

Risk approval before changes in product, process or system (PoPS).
Document and follow up third-party risk: suppliers without contract/audit, missing assessments and deadlines.
Management reporting and audits: retrieve graphical overview and traceable documentation in minutes.
Continuous improvement: learning from assessments, discussions and measures – all collected and reusable.

Customer Value and Benefits

Better structure and overview of risk, responsibilities and deadlines
Reduced manual work – less Excel and less manual compilation of reports
Faster identification of vulnerabilities and gaps in supplier portfolio
Strengthened documentation for internal control, audit and supervision
More accurate management dialogue through visualization and dashboards

Regulatory Compliance

DORA: Supports requirements for change risk, third-party risk and documentation. Continuous development in dialogue with customers.
Transparency Act: Supplier register and follow-up facilitates mapping, control and documentable due diligence in the supply chain.
Internal control: Standardize processes, responsibilities and follow-up with traceable history – ready for audit and supervision.

Development of IdS Risk

Planned Extensions and Roadmap

IdS Risk is not a project – it's a product in continuous development. The roadmap below shows how risk management, internal control and compliance are strengthened step by step, in close dialogue with banks.

Established GRC Functionality

Available today

PoPS – risk assessment of changes
Register of Information (RoI)
Supplier register and third-party risk
Measures database and follow-up
Incident database with DORA classification
Handling of customer complaints, customer fraud and AML suspicions
Dashboards and visual insight

Under Development

3-12 months

Function and process register (BIA)
Policy and procedure register
Control database for internal control

Planned Innovations

6-12 months

Comprehensive risk register
Global dashboards across services
Copilot and Teams integration

Next Generation GRC

12-24 months

AI-supported forms and assessments
Extended Copilot support in Teams
GRC Standard Bank – shared framework

The roadmap shows planned direction based on current needs and regulatory guidelines. Features and timelines may be adjusted in dialogue with customers.

Want to learn more?Book demo👉

Book demo

Get in touch

IdentityStream AS

Laberget 22

4020 Stavanger

(+47) 98 23 24 55

hello@identitystream.com