Process & Risk Management

Cerrix GRC

Risk assessment

The (regular) inventory and assessment of your risks can take place online based on self-compiled questionnaires.

Process Management

Audits can be tracked and the workflow controls your actions as a result.

Control testing

Testers are automatically notified when new tests must be performed and evidence is collected.

Compliance management

Compliance Controls can easily be controlled in a Control Framework.

Incident Management

Reporting, enriching and following up incidents is workflow driven.

Audit management

Design or describe your processes in diagrams and add the risks, controls and responsibilities.

Process & Risk Management



Existing and new processes can be visually modeled in CERRIX. The Swimming lanes immediately show the responsibilities. In addition, controls and risks are related to a process step. Because there is a real-time relationship with all components, it is easy to find out which processes are out-of-control.


Analysis of KPIs and KRIs are easily possible in CERRIX. Data points can be collected periodically (automatically) and related to processes and risk items. The status and trends are immediately available for managers and directors.


Our experience has shown that Risk Management can only work well if the risk process runs smoothly. This requires alignment with the regular management control cycle, but also proactive signaling and alerting. In CERRIX everything works in real time and with automatic alerters. On a smartphone, an average of 221 times a day is viewed. The CERRIX dashboard can also be found there ...


Risk identification can be done in various ways. Sitting together and summing up the risks while brainstorming is perhaps the most open and free form. Another way is to go through a questionnaire periodically. The CERRIX Risk Assessor is a handy tool in that case. Different types of questions can be prepared in advance and submitted to multiple assessors. The answers can possibly be provided with Evidence. The assessments and associated questionnaires can be drawn up and maintained.


A lot of information is generally stored in CERRIX. An important need for good risk management is to provide insight into the form of reports. In CERRIX this can be done in different ways. The dashboard gives an overall overview quickly and clearly, with the help of the workspaces all kinds of extractions can be made and the new report generator gives the possibility to build your own reports and save them under your own name. Data and graphic elements can be combined here.


CERRIX offers the possibility of digital meetings. For board meetings, management / committee meetings or planned CRSA workshops, the meeting documents can be digitally prepared in advance. This can be documents from the CERRIX reporting module (see example), but also other meeting documents. In this way it is prevented that many documents are mailed and incorrect versions are used. Everyone can also easily make annotations in the documents.


The CERRIX software is offered to our customers as a SaaS application. This makes software management a lot easier and cheaper for you and us. Moreover, we are able to grow faster with your organization. Our servers are located in reputable data centers with which we have years of experience.

Risk & Control Assessments


Sometimes you need smaller (and cheaper) tools instead of a complete GRC software set. This can also be temporary (for example, for conducting an audit or an assessment) or you are a smaller organization. We can then help you with our light tools. For example for:

  • Perform checklists of standards frameworks and legislation;
  • Risk Assessments on specific topic;
  • Capture Audits of your customers, suppliers, asset managers etc.

Compliance Assessments


Is your organization increasingly confronted with laws and regulations and best practices? Then you also notice how much time it takes you to collect the right information every time. With CERRIX this process not only becomes more efficient, but you also get real-time insight into your Compliance status.

What makes our frameworks unique?

We combine our standard Control Framework with your additions. This can be expanded with one or more of the adjacent Frameworks.

Real-time monitoring of credit limits

Credit Exposure

In close cooperation with a bank, CERRIX has developed a software tool for real-time monitoring of credit limits in relation to the most current credit exposure position. CERRIX-CLM can combine data from different systems and relate it to the credit arrangements. This takes into account company structures, facility structures and netting agreements. Simulations of your credit portfolio are possible and the integrated data warehouse offers many reporting and analysis options. CERRIX-CLM is not an Internet application, but is delivered as an in-house application.