Frequently asked questions

Cerivo is a GRC platform that combines data privacy, information security, and risk management in one place. It unifies Wired Relations, RISMA Systems, and ComplyCloud — giving organizations in Denmark, Sweden, and Norway a single platform to manage GDPR, NIS2, ISO 27001, DORA, and risk.

Cerivo supports GDPR, NIS2, ISO 27001/2, CIS18 and more. It is built for compliance teams managing data protection, information security governance, third-party risk, and regulatory obligations — across multiple frameworks simultaneously, without switching between tools.

Cerivo is built for compliance managers, DPOs, information security teams, and risk managers at organizations in Denmark, Sweden, and Norway. It is especially relevant for teams managing GDPR documentation, NIS2 obligations, ISO 27001 certification, or vendor and third-party risk.

GDPR compliance in Cerivo follows six steps: set up your workspace, map your vendors and systems, document your processing activities, review legal basis and documentation, then build ongoing routines. When processing activities are complete, Cerivo automatically generates your Article 30 Record of Processing Activities (RoPA).

A Record of Processing Activities (RoPA) is required under GDPR Article 30. It documents what personal data your organization processes, why, how, and with whom. In Cerivo, your RoPA is generated automatically once you have mapped your systems, vendors, and processing activities — and can be exported as an Article 30 report.

In Cerivo with our System & Vendor module, you can easily track whether a Data Processing Agreement (DPA) is in place and upload the agreement directly to the vendor record. You can also ensure ongoing compliance by assigning review tasks to each vendor DPA, making it easy to maintain regular reviews and keep agreements up to date.

To perform a risk assessment in Cerivo, go to the Risks module and create a new assessment linked to a system, vendor, or processing activity. Select the relevant threats, assess the impact on confidentiality, integrity, and availability, and evaluate the likelihood. Cerivo automatically calculates the overall risk score.If the risk is not acceptable, use the Risk Treatment tab to choose a treatment option, document security measures, and create tasks. Finally, reassess the risk to confirm the residual risk is within your organisation’s risk appetite.

Cerivo calculates risk scores based on your assessment of consequence and likelihood for each identified threat. Consequence is evaluated across confidentiality, integrity, and availability. Scores are calculated separately for the organization, data subjects, and society — giving you an overall risk score and a clear picture of where exposure is highest.

Contract Management in Cerivo is a module for storing, tracking, and managing vendor and supplier contracts in one place. It lets you record key dates (renewal, expiration, start), add contract parties, attach documents, track payments and costs, create follow-up tasks, and maintain an audit-ready contract record.

In Cerivo's Contract Management module, you can add start dates, expiration dates, renewal dates, and committed dates directly to each contract. This helps your team prepare ahead of renewals, avoid missed obligations, and manage supplier contracts proactively - without relying on spreadsheets or calendar reminders.

Vendor management in Cerivo lets you map all external parties, suppliers, software providers, data processors and more, in a structured register. For each vendor you can link IT-systems, document data processing agreements and connect vendors to your processing activities and risk assessments.

Third-country data transfers occur when personal data is sent to a vendor located outside the EU/EEA. Under GDPR, you must document the legal basis for these transfers. In Cerivo, you can map third-country transfers directly on each vendor, record the transfer mechanism (such as Standard Contractual Clauses), and maintain a complete record for compliance audits.

As a RISMA customer you will continue using RISMA as it is today, and you will be notified well in advance once we plan to move you to Cerivo - earliest in 2027. Your Customer Success Manager stays the same.

As a ComplyCloud customer you will continue using ComplyCloud as it is today, and you will be notified well in advance once we plan to move you to Cerivo. Your Customer Success Manager stays the same.

All Wired Relations customers have moved to the new Cerivo platform which expands on current Wired Relations functionality. New features and GRC workflows are continuously  being added to expand on the current Cerivo offering.

No. Your existing agreement remains unchanged when moving to Cerivo. You keep the same pricing, the same Customer Success contact, and the same support team. Any future pricing changes only apply at renewal, reflect added value, and are always communicated well in advance.