Risk analysis for information security

This website offers you a tool to perform a risk analysis for information security. The use of this website requires that you log in. Click here to create an account. If you only want to look around, please use the demo account. You can do so by logging in with username 'demo' and password 'demo'.

Applicable standards

RAFIS uses the ISO/IEC 27002 standard (2022 version included) for control selection, but other standards can also easily be added. This allows the use of RAFIS in any organization.

Easy to use

Clear documentation and an easy-to-use interface make it possible for every information security professional to perform a risk analysis. Based on the report generated by this tool, you can prepare a plan to further improve the information security within your organization.

Free to use

The use of RAFIS is completely free, no tricky catch. When despite all the guarantees, you have no confidence in the use of a cloud solution to perform a risk analysis, it is possible to host this tool at your own server.