Tel: +31 (0)20 - 244 59 34
E-mail: contact@kraal.it
Version 1.1
© Kraal
Information Security Management System
Introduction
Welcome to Kraal’s Information Security Management System (ISMS). Our platform provides a complete, accurate, and compliant overview of all IT security activities. It is your central command center for managing, monitoring, and strengthening your organization’s IT security framework.
Real-time visibility and control
The platform unifies critical security information into a real-time interface where you can access the insights that matter most. Monitor and assess incidents as they occur, review risk management status, manage compliance reporting, test and improve team awareness, and make data-driven decisions that reinforce your security posture.
Driving continuous improvement
Kraal’s ISMS enables you to proactively strengthen your defenses rather than merely reacting to threats. Periodic scans, tests, reviews and assessments highlight areas for improvement, track your organization’s progress, and demonstrate measurable growth in security maturity.
Built for compliance excellence
Navigate complex regulatory requirements with confidence. The system is designed to align with NIS2 and DORA obligations, ensuring you maintain compliance while safeguarding your most valuable information assets.
Empowering your security journey
Kraal is more than just a dashboard. We are your strategic IT security partner to help you build a resilient IT security framework. From risk assessments to incident response, from policy management to awareness training, every feature is built to make IT security management more effective, efficient, and aligned with your business goals.
Ready to take control of your security posture? Your Kraal ISMS journey begins here.
Risk Management
Document upload
Upload new risk management policies and documents after scheduled revisions to ensure the most current version is always available.
Risk management documents
Repository of all current and historic IT risk management documentation, including policies, organized by year for full oversight and audit traceability.
Safeguard
Security scans
Overview of all completed security scans, with downloadable PDF reports.
Reports provide clear documentation, support continuous improvement, and demonstrate regulatory audit compliance.
Date
Name
High risks
Medium risks
Low risks
Safeguard
Penetration tests
Overview of all completed penetration tests, with downloadable PDF reports.
Reports provide clear documentation, support continuous improvement, and demonstrate regulatory audit compliance.
Date
Name
High risks
Medium risks
Low risks
Monitoring
Monitors and status
Overview of all network monitors, including their last update timestamp and current status (active/inactive), for real-time system oversight.
Name
Last update
Last status
Incident logs
Chronological overview of all recorded security incidents, including context for each case.
Time/date
Type
Message
Monitoring
Upload incident
Register new security incidents by completing and submitting the appropriate incident form from the risk management documentation.
Documented incidents
Structured and dated list of all officially registered incidents, ensuring ongoing visibility and demonstrable compliance accountability.
Security Awareness Training
Introduction
This page provides an overview of the status of our Security Awareness Training.
The training is divided into eight topics. Each topic begins with a concise explanatory text designed to clearly communicate key concepts and best practices. Following the introduction, participants complete multiple-choice questions to evaluate and reinforce their understanding. Topics cover essential areas such as phishing, password security, data protection, and more.
Participants can progress through the material at their own pace, with the option to save their progress and resume training whenever convenient.
Score
Visual overview of average training scores for all activate participants.
Participation
Visualization of training participation rates of invited employees.
Participants
Manage Security Awareness Training by sending invitations via email and monitoring course completion dates for all participants.
Name
Email
Invitation sent
Completed
Settings
Change password
Required complexity:
- At least 8 characters
- At least one number
- At least one lower case character
- At least one upper case character
- At least one special character
Change email
Two-factor authentication (2FA)
