FrameCyber^® is a complete cyber risk management life cycle system designed to be used continuously with full retention of data and actions. It includes functions for cybersecurity risk assessment, event tracking, issue management, organization inventory, control inventory, risk registration, risk analysis, risk reporting, risk measures and metrics, and associated correlation of information and data in those domains required to perform cybersecurity risk management.

FrameCyber^® provides automation to ease compliance or comparison tasks with respect to industry, regulatory, or custom requirements. It allows:

• issue and event collection in support of governance activities in a enterprise-wide risk management framework.
• mapping existing controls and metrics to specific risks to help senior management understand the value of cybersecurity management activities.
• easy upload and download capabilities to take full advantage of existing enterprise tools and techniques.
• security features at the user, network, device authentication, role, group, and field level.
• support for executive decisions with respect to cybersecurity risk.

FrameCyber^® can therefore be used as a primary GRC platform, or a supplement for necessary features that may not yet be mature within the organization. FrameCyber^® is offered as a secure SaaS service with a client that runs on Windows 11 or MacOS 13 or higher. FrameCyber^® also provides access to a knowledge base and community for information sharing focused on cybersecurity risk assessment, information assurance, risk measurement, risk reporting, risk mitigation, and risk remediation.

More theoretical background on the product is available in various interviews and presentations. 

The company that produces FrameCyber^®, Decision Framework Systems, also provides cybersecurity consulting, training, and support for academic and business professional development use of the FrameCyber^® SaaS platform. Click here for more information.