What is SeCube GRC?

SeCube GRC is a security, risk, compliance, audit, and business continuity management software that can be modularly integrated in a single framework. Its purpose is to provide the integrated support of the security-related analysis, design, and maintenance processes in the company’s various divisions, thus creating a solution for the transparent and reportable management of security in the entire company.

What solution does SeCube provide?

The SeCube GRC system can be used to develop your company’s operating model (resources, systems, data, processes), to evaluate operations along the lines of business impact analyses, to use risk analyses (information security, physical, human, and business) to manage risks, to plan IT and business continuity, and to manage internal audit and compliance analyses in a single modular system.

Who is SeCube meant for?

SeCube’s target users include IT operations, the parties responsible for security and business processes, and the experts and managers in the fields of internal control and compliance. SeCube is safely able to manage the security-related activities involving the entirety of users in various professional fields.


SeCube GRC can be operated independently, allowing for the support of flexible use cases.

Major use cases of SeCube GRC


ISO9001 QM:The software supports the standard with process inventorying, internal audit support, and business risk analysis, and it also provides the opportunity for integrated management with the ISO27001 standard.

I'm interested

GDPR: The data protection focused functions support the keeping of data processing activity, personal data, and incident records and the implementation of data protection compliance assessments and risk analyses (DPIA).

I'm interested

ISMS: The fundamental goal of SeCube GRC is to create and maintain an Information Security Management System (ISMS) for an organization and to provide integrated support to its asset components, the control environment, the audits thereof, and RISK and BCM activities.

I'm interested
BCM (ISO22301)

Business Continuity Management: One of the aims of the BCM module is to support the entire business continuity lifecycle during planning / preparation / testing and in case of emergency applications. With the use of the software, the creation of BC plans that can be flexibly developed and the maintenance of applicability becomes a living company process.

I'm interested

Business Impact Analysis: Organizational surveys can be made pertaining to the material and immaterial damages resulting from possible threats to business processes / data / systems. Based on the impact analyses, resources can be grouped into CIA categories, and support can be provided to risk analysis and business continuity management planning tasks.

I'm interested

Enterprise Risk Management: he RISK module supports CIA information security risk analysis and even the concurrent execution of other physical, human, business, and risk analyses, the results of which are continuously managed in an integrated manner to implement the entire, single enterprise risk management process.

I'm interested
Audit & Compliance

Compliance: The express aim of the Compliance module is to provide support to audit-type activities. More than 40 Hungarian and international requirement collections and assessments pertaining to customizable audit packages (e.g. ICR) can be run, even concurrently. The deficiencies that are left out in the course of the assessments are placed in a finding management function, and the implementation of corrective measures can be continuously monitored, supplemented with detailed compliance reports.

I'm interested

DRP- ITSCM: We recommend the BCM module for Operation Managers, which allows system responsible persons to plan their recovery plans on interactive surfaces with the support of preparatory and testing tasks. With the use of the software, the creation of IT DR plans and the maintenance of applicability becomes a living IT operations process, including the generation of Word documents as necessary.

I'm interested
Please call me back

The integrated management of company security


One company, one security management solution

Uniform and integrated methods and records, the integrated support of the large variety of the results of security areas and processes and of cooperation, ensuring consistent and current results (reports, plans).


Risk-proportionate protection

Resources, services, data asset, business processes needed for organizational operation, and a comprehensible structure defining their relation. Risk, BCM, and Compliance management in a unified system, with the development and maintenance of risk-proportionate protection.


Wiping out one-off result products

The risk analysis report, BCP, DRP, GDPR, and compliance reports are no longer one-off results. Instead, they are processes that can be easily maintained with the effective use of inputs that offer up-to-date reports that can be generated as required. This results in a reduction in human resource requirements.


Compliance objectives

The tasks previously implemented to maintain compliance can, in addition to merely ensuring compliance, become actual security management processes and results with auditable and reproducible results.


Common language

Creation of a common language for business areas and internal service providers, such as between IT and security. Reducing key-person dependency, common knowledge base. Support of security decisions and security management resource and cost optimization.

Telecommunication: 4

Transport: 3

Govermental: 12

IT services: 4

Finance: 7

Water management: 2

Law enforcement: 2

Education: 2

Industry: 3

Services: 3

Energy: 1


The planned management of security is an important need in all sectors; accordingly, the SeCube GRC solution we offer has a wide range of industry, government, and market references.