What is SimpleRisk Hosted?

SimpleRisk Hosted combines all of the functionality of our award winning SimpleRisk software with the convenience of a fully managed hosting solution.  This Software-as-a-Service platform (SaaS) is unique to SimpleRisk and builds upon all of the intrinsic security benefits of the Amazon Web Services (AWS) cloud.  This hosted solution is packaged into three distinct tiers designed to meet the budgetary and functional needs of different organizations.


SimpleRisk Hosted Small Enterprise

$4,995 / yr

SimpleRisk Hosted Medium Enterprise

$9,995 / yr

SimpleRisk Hosted Large Enterprise

$19,995 / yr

Recommended Use:   Individuals or Small Teams   Multiple Teams Within a Single Business Unit   Enterprise Risk Management
  • Quarterly "Ask the Expert" calls
  • Unlimited Risks
  • Unlimited Users
  • Risk Management
  • Governance
  • Compliance
  • Email Notifications Automatically Triggered by User-based Actions
  • Email Notifications Scheduled and Delivered to Users Automatically
  • Import of Risks, Assets, Controls, and More from CSV Files
  • Export of Data to CSV and XLS Files
  • Integration with Vulnerability Assessment Tools
  • Customizable Risk Assessments
  • SimpleRisk Silver Support
  • Daily Database Snapshots

Everything in the Small tier plus:

  • Risk Access Restrictions by Team
  • Web Tier Redundancy
  • Database Tier Redundancy
  • Dedicated AWS VPC Environment

Everything in the Medium tier plus:

  • Integration with LDAP and Federated Identity (SAML)
  • Custom Risk, Mitigation, and Review fields
  • Custom Asset Fields
  • Scripted API Interactions
  • Encrypted Database
  • Ability to Search Risks for Keywords
  • Two-way Integration with Jira
  • Custom Domain Name


Why Choose SimpleRisk Hosted?

A common complaint amongst organizations who have invested in a tool to aide in managing their Governance, Risk Management, and Compliance (GRC) efforts is the amount of time it takes before the tool is operational and providing a return on their investment.  With our On-Premise SimpleRisk offering, the time to get up and running is measured in minutes, and that value can be demonstrated quickly, but there are still routine maintenance activities that the organization is responsible for such as backups, upgrades, and monitoring.  SimpleRisk Hosted takes care of all of this for you, and more, so that your organization can focus your limited resources on managing your Governance, Risk Management and Compliance program, rather than the tool used to support it.  SimpleRisk's Founder and CEO, Josh Sokol, discusses this topic in more detail in his blog post titled SimpleRisk On-Premise or Hosted – Which Deployment Model is Right for You?

Is SimpleRisk Hosted Secure?

SimpleRisk Hosted was created by a security practitioner with over a decade of experience in designing, implementing and testing security controls for a global, publicly-traded, enterprise.  Security has been built throughout the service offering and includes:

  • "A" graded transport layer security configurations (HTTPS / TLS / SSL) validated with SSLLabs
  • Application code written around secure coding best practices and validated with a HackerOne Bug Bounty program
  • Dedicated virtual private cloud (VPC) environments with strict access controls
  • ISO 27001 certified and SOC2 validated datacenter
  • Layered security controls for defense-in-depth

If you're interested in learning more about the security of SimpleRisk, we have a more detailed Product Security Document that we can provide to you under NDA.

Does SimpleRisk Offer Professional Services?

We find that SimpleRisk is so simple and intuitive that our customers don't normally require any professional services to get started.  We encourage our customers to reach out to our Support Team should they ever encounter any issues or if they have questions about how to do something.  All of our SimpleRisk Hosted packages also include quarterly "Ask the Expert" calls with SimpleRisk's Founder and CEO, Josh Sokol.  With over a decade of experience running the Information Security Program for a large, global, publicly traded enterprise, we've found that giving customers the opportunity to speak with him on a regular basis has been invaluable in helping to jump start their GRC programs, as well as helping them to avoid some of the pitfalls experienced along the way.

How do I Get Started with SimpleRisk Hosted?

Getting started with SimpleRisk hosted is extremely simple.  There is no credit card required, absolutely nothing to install and it works on all modern web browsers.  You'll have complimentary access to try out all of our SimpleRisk functionality for 30 days.  Just click the "Free 30 Day Trial" link below, submit the form and we'll be in touch soon.