zakres działalności:
Securing project and change management processes

Cyrima is a tool that addresses the growing problem of security of both projects and changes processed by medium-sized enterprises and large organizations, those operating on regulated markets in particular.

The tool consists of the following elements:

  • the framework,
  • the application,
  • a plug-in enabling the integration with Jira.

The framework is a repository of processes, policies, and standards, along with job instructions that describe part of the operating model of the client’s organization.

The application layer allows for adaptation of our framework to the needs of individual organizations, adapting to the industry, the scale of the organization, its geographical location, project categories and scale as well as risk appetite. Consequently, our clients receive a result similar to that offered by specialized consulting companies. However, they pay for it a mere fraction of the price of a traditional service, receiving a ready-made solution within a maximum of a few hours required to precisely describe their own organization in the system.

Our clients also receive support in integrating the Cyrima framework on the process layer, including the ability to design from scratch an entire operational model covering areas of both IT and security.

Cyrima’s framework encompasses the following areas of any organization:

  • project management,
  • change management in IT environments,
  • supply chain security – by means of purchasing processes integration, defining contracts, and key supplier management,
  • supervision, risk management and regulatory compliance (GRC) at the project level,
  • operational continuity management at the project and operational levels,
  • selected security standards – allowing for an easy integration with DevSecOps and SSDLC models.

Operating in the background of our product, there is also an ecosystem of security service providers who use our solution as a semi-automated system for selling their services. By making the clients aware of the scope of the required work, its complexity, and the consequences of overlooking individual tasks, Cyrima generates demand for inquiries that would not appear on the market in a spontaneous manner.

The framework enables standardization of the process of providing services by our partners and reduces commonplace industry-specific problems arising from incompetent management of customer expectations. Furthermore, it enables a very precise definition of needs when defining inquiries, thus allowing for the activation of a wider group of suppliers compared to the traditional recruitment model.

Find out more about Cyrima from our explainer animation.

Cyrima is available in three variants tailored to the needs of different categories of clients.

Premium – this variant is designed with large organizations in mind that operate on regulated markets. While this version is a bit more demanding to run than the standard version, it offers in return additional operations aimed at ensuring regulatory compliance and meticulously documenting all information relevant from the perspective of auditing, supervision, or integration with risk management processes at the operational level.

Standard – this variant treats security as a supporting function understood as a value chain model (precisely defining the level of security required to achieve the assumed business objective, followed by indicating the path to achieving it in the most effective way). This variant is intended for software vendors and consulting companies whose customers perceive security as a service quality criterion. The emphasis we put on process efficiency in this variant of Cyrima allows its end-users to reduce both costs and time of service provision, as well as reduces rework at the acceptance stage. In consequence, it decreases prices, standardizes implementation quality and, as a result, raises the an organization’s position on the market against its competition.

Basic – a free-of-charge version of our solution aimed at small enterprises that have IT or security structures of their own. With the awareness of the limited resources and competences in mind that these organizations have at their disposal, we have designed an extremely simplified version of our framework, indicating only the bare minimum, the omission of which raises very serious risks. As is the case with the higher subscription versions, users of the Basic variant can also make use of our ecosystem of providers whenever they require expert support.