RuleSafe for Information Security


The most widespread use of RuleSafe across all clients and industries is as a core foundation for the organisations' Information Security Management System (ISMS). RuleSafe comes pre-equipped with sample policies, standards and roles already cross-mapped and compatible with ISO 27001 and other ISMS standards and ready to deploy, with or without further customisation. RuleSafe is trusted by some of the largest companies to manage their ISMS and risk management programmes.

Information Security is one area of risk management that affects and requires the cooperation of everyone in the organisation, and at all levels "from the chairman to the doorman". Increasing internal and external threats, combined with increasing dependence on systems and electronic information everywhere, means that it is more vital then ever to ensure that every employee is kept aware of their own responsibilities to protect the business and its assets.


RuleSafe has a proven track record in helping companies to deploy and maintain security awareness and understanding among workers, and across some of the largest and well-know organisations. Furthermore, the ability to demonstrate an effective security awareness and compliance culture is now being mandated by new legislation, regulation and standards across almost every sector - including government data handling rules, and the impact of emerging regulatory requirements.


A key benefit of RuleSafe is its ability to cross-map all internal policies and procedures to corresponding external and internal standards and  generate management scorecard reports, showing how each external compliance target is being met by all internal controls. This is a vital feature for many organisations seeking compliance with, or formal accreditation to, worldwide standards such as ISO 27001/2 who are able to map and track progress of ISMS programmes via Statement of Applicability (SoA) mapped scorecards.


RuleSafe's unique personalisation and dashboard features ensure that each employee is kept aware of their individual responsibilities to ensure security, relevant to their particular role, function or position in the company. Managers have an additional dashboard showing the progress of their staff towards their awareness and compliance targets, and also how their overall group, team or division is performing against the rest of the organisation overall.


RuleSafe's integral change-managed document management system and its 5-level permissions structure is an ideal and secure framework for your risk management accreditation document set (RMADS). RuleSafe's integrated web channel and SMTP communications centre keeps risk stakeholders and staff automatically updated with changes and requests, while our optional 'RulePace' workflow module automates your  security and risk management programmes.


The ability to assign Self-Audit roles and responsibilities to managers, and tightly define the scope of audits means that RuleSafe delivers a complete solution to deploying Control Self-Assessment (CSA) exercises across medium and large organisations. RuleSafe gathers, displays results, and generates management information systems (MIS) reports in exportable formats. Report data can be combined with evidential compliance scores from managers own groups' compliance to create a complete risk picture.

Latest News

RuleSafe v4.0 released

World's leading GRC software adds 30 new features in v4.0

Cloud/SaaS launched

Low cost cloud-based GRC solution now available

User dashboards:
compliance gets personal

Real time compliance status updates for employees

GRC goes carbon neutral with RuleSafe SaaS

SaaS solution delivers paperless policy acceptance

Announcing PoliServer GRC Appliance

Integrated policy management & awareness solution in a box