本文件仅提供英文版本。
About RiskNote
Lightweight risk management for the organisations that are too big for Excel and too small for Archer.
Why RiskNote exists
Risk management should be a living part of how an organisation makes decisions. Not an Excel file updated once a year because someone asked for it before the audit.
That insight grew out of 25 years on the other side of the desk: developer, Scrum Master, IT director in local government, Group CIO in the private sector. Every role produced the same kind of frustration. Most small and mid-sized companies know they have to do risk assessments. Most don't know how. The ones who do, don't have a tool that costs less than a monthly salary to introduce.
A risk register isn't something you build for the auditor. You build it so you can make better decisions.
From IT director to tool builder
During the IT director years in local government, an information-security management system was started. Training in ISMS was done in parallel at Högskolan i Skövde. The theory was solid. The tools were not.
The search for a platform that tied risk, documentation, and follow-up together ended in spreadsheets, scattered Word documents, and systems built for auditors rather than the business. The real problem ran deeper than missing tools.
The insight: the barrier is cost, not competence
The same pattern came up in every organisation. The consultant who built a risk assessment for a client in Excel and never got around to updating it. The municipal head who wouldn't spend half a year's salary on a GRC system. The fintech startup that needed to be DORA-compliant but had no one to ask.
None of it was because the standards were too complex. ISO 31000 is shorter than an average terms of service. The problem was that the tools were either free and broken (Excel) or enterprise-priced (Archer, ServiceNow, SAP GRC). Nothing existed in between.
The turning point: when AI made it worth building
In the last two years, AI has moved from promise to practice. It can do what used to require a senior risk consultant billing by the hour: suggest industry-relevant risks, adapt to the organisation's context, produce board-ready reports in minutes instead of days.
But a product that needs AI to work isn't a product. It's a dependency.
RiskNote is built so everything works without AI. The risk register, the 5x5 matrix, the PDF export, and sharing with a client or a board all stand on their own. AI is a force multiplier for risk identification, but the decision is always the human's. That's GDPR Art. 22 and EU AI Act Art. 50 baked in from day one, not bolted on as a disclaimer afterwards.
What RiskNote is and isn't
RiskNote is
A lightweight, ISO 31000-based risk management platform for SMEs, consultants, project managers, and CISOs. A living risk register, a 5x5 matrix, AI suggestions for risk identification, and PDF reports you can actually defend in front of a board or auditor.
RiskNote isn't
A full GRC system for large enterprises. If you're 2,000 people with a dedicated ISMS team, you need more than we offer. You probably already have something. For everyone else: start here.
The company behind
RiskNote is developed by Swedish VER&IT AB (org.nr 556985-1206, Vänersborg). The company works in IT advisory, software development, and digital services with a security lens. The sister product SecuraPilot (securapilot.com) is aimed at larger organisations with full ISMS, audit, and vendor review. RiskNote is the lightweight entry point for everyone else.
About the founder
25+ years of experience in IT leadership across public and private sector. Background as developer, Scrum Master, IT director, and Group CIO. Trained in information security management systems at Högskolan i Skövde. I'm building RiskNote because the tools I wanted 15 years ago should exist today.
Contact
hello@risknote.io for product, sales, and partnerships. privacy@risknote.io for GDPR and data protection. support@risknote.io for paying customers.
Try it yourself
Start a 7-day free trial. No credit card required. First risk assessment ready before lunch.