top of page



Caveris ICAS approaches security management from a totally inclusive perspective, orchestrating the execution and tracking of manual attestation tasks and automated technology assurance checks across the entire organisation.


Caveris ICAS provides businesses with a truly representative view of their Cybersecurity, so they can base their Cyber-risk decisions upon the full picture.



Information Secured Assured

Avenir Light is a clean and stylish font favored by designers. It's easy on the eyes and a great go to font for titles, paragraphs & more.

Caveris Approach

"Security management is a holistic undertaking, comprising people, process and technology. It is debatable that technology alone can provide any protection at all if not actively backed up by effective security process."

How Caveris ICAS works

"Without structure and order the enforcement of security can only ever be haphazard at best."


Structure and Order

Caveris ICAS brings structure, order and oversight to the management of Information Risk and Cybersecurity, resulting in the enforcement of a consistent, repeatable and predictable level of security across the entire enterprise.

Caveris ICAS achieves this by modelling in software the organisation hierarchy (i.e. creating a digital twin) from lines of business down to the individual security controls and their workflows. The ICAS Model provides the foundation for enforcing consistency, accountability and rigour.



Model the Organisation

Model the organisation structure that best represents your business using ICAS hierarchy objects.  This could be geographical or logical or a mixture of both, it’s what works best for you.

Step 01




Manage Control Sets

Select the Control Sets most suited to your business needs from the ICAS Control Framework Library or build your own using the ICAS Control Builder.


Configure Control Owners and schedules for manual attestation Controls and apply Control Sets across Infrastructures.


In the case of automated technology check Controls, just enable the check, configure the frequency and bind it to the appropriate Control – it couldn’t be simpler.

Step 02

Setting up ICAS is easy, a few hours is all it takes!

​You are now up and running.

You can now see where there are weaknesses in your Cybersecurity controls so that you can address deficiencies and gaps accordingly.

Take targeted action


Control Execution

The Caveris ICAS orchestration engine schedules and runs manual attestation Controls, re-notifying Control Owners or escalating if necessary to ensure that Controls are addressed and not left undone or incomplete. Automated checks are executed on the frequency configured and the associated Controls updated with the results accordingly.



Control Assessment

Caveris ICAS assesses the performance of all Controls, taking into consideration current completion status and those of previous runs, to calculate an individual score for each.

These scores are propagated up through the modelled hierarchy in conjunction with a configurable set of weightings, that are used to represent the businesses risk profile, to arrive at an overall Security Posture score, that shows you how well your protection measures are being applied.



Leave nothing to chance

bottom of page