Diri helps companies gain overview, control and compliance within IT security, risk and privacy.
Diri has a team of experienced and dedicated experts in risk management, information security and privacy (GDPR). We support and guide your company, and together, we solve the challenges you face – regardless of the degree of complexity and the size of the company. With Diri on the team, you can be sure you have good control and overview of your company's IT security and privacy. We tailor programs to the needs of your company.
Contact us for a non-binding chat about what you need assistance with.
Below are some examples of how we can contribute.
Diri offers strategic advice on risk management, information security and privacy. We help companies get cost-effectively started with security work. We can assist in establishing the necessary security processes and contribute to the execution part of the risk assessment work.
Do you want to establish an information security and privacy management system that adheres to best practices, including ISO 27001, ISO 27005, NIS2, DORA, and GDPR? Diri AS assists with the necessary expertise, tools and training to ensure effective implementation and maintenance of these requirements. A special focus is placed on establishing a risk management process following ISO 27005.
We help you conduct a health check of your cybersecurity. We do this in four steps:
1. Cybersecurity audit (risks, values, ICT systems, suppliers)
2. Assessment of the consequences for the company
3. Contingency plan
4. Documentation of compliance
All reports will be available in the customer's portal in Diri. The work is carried out according to ISO27001 best practices.
Do you want to know how far there is left before the company meets a given standard or a requirement specification? Diri maps the distance between the current situation and where the company wants to be. The analysis gives the company a clear picture of what shortcomings the company has, and which areas need to be improved to achieve the goal. A GAP analysis (maturity assessment) creates a common understanding in the company of how the systematic information security work is today and is a useful tool for organizing and prioritizing further work, so that the goal is achieved and the best possible result is achieved.
All companies that process personal data must keep a record of the processing activities for which they are responsible. Does your company need assistance to make a good and clear processing protocol? Diri has the expertise and tools to take you safely through the job!
Do you need assistance to carry out risk assessments? In Diri, we use the Bowtie model as a starting point, which provides a unique approach to risk assessment work, where you can, for example, link several causes, consequences and measures to an incident. You will also see that follow-up is much easier in our system. We are happy to help you through our 5-step process for risk assessments, provide input on work with risk assessments in general and/or assist with specific challenges related to the area.
DPIA is a privacy impact assessment. When you collect or use personal data, you consider what can go wrong, how the data should be protected and whether everything is in line with the law. Diri can assist in both the assessment of whether a DPIA is required and through the process of conducting a DPIA.
Do you need help assessing your company's suppliers in terms of privacy and information security? We help you in the process so that you get a good overview of your suppliers, what information they process, criticality for the company, etc.