what is Hydra ?


Hydra is based on an Enterprise Configuration Management Database, any item type, any item name, connected any way.

Controls and Audit

Controls, actions, policies, applied against any item type automatically, manually or conditionally, dynamically in realtime, either by self-assessment or audited.


Multiple types of risk from non-compliance, non-action or events, propagated dynamically throughout the system on a continuous basis.


Hydra has multiple dashboard views across compliance and control programs, policy or action types.


Hydra allows uploads of documents or recording of links against any type, any item, any action, or any relationship providing a 360 degree view of policy, action or evidence.


Ultimate cost of ownership calculated across the enterprise on an allocation basis and in realtime.

Hydra for everything

any language

One of Hydra's unique features is it's ability to speak your language, your terminology, your semantics.

risque, riesgo, gefahr, риск, 风险, rischio, gevaar - risk in any language!

any industry

Hydra is a Universal Governance Risk Management and Compliance platform. It works for any compliance framework in any industry. We can help you adapt any framework or develop your own.

any geography

Because Hydra is delivered through the Risk IT's HydraWeb™ Cloud, you can access it from your browser anywhere.

white labelled

Hydra is white-labelled, your logos, your name, which together with your framework is your product. Dont build your own technology use ours, it's flexible, low cost, and through the cloud, instant-on!

low cost

Hydra is remarkably affordable, certainly far cheaper than it's industry competition. making it a no-brainer. Include it with your product, rent it just for the duration of your project, a simple monthly pay as you go fee.


Make Hydra your solution, your database, your spreadsheet, your inventory, your controls framework, your controls execution, your document repository.

software as a service

Hydra is delivered to you as a pay-as-you-go without incurring long lead times, installation or software licensing.


Hydra is delivered from our HydraWeb™ service through the internet to your desktop, instant-on with no infrastructure or in-house support required.

Hydra for financial services


The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.

Use Hydra to manage your security controls against your technology assets, with full audit, maker-checker and dashboard to know exactly where you are with PCI DSS in real-time.


Section 404 of the Sarbanes Oxley Act of 2002 requires management and the external auditor to report on the adequacy of the company's internal control on financial reporting (ICFR). This is the most costly aspect of the legislation for companies to implement, as documenting and testing important financial manual and automated controls requires enormous effort.

Use Hydra to manage your controls against your technology and business assets and processes with full audit, maker-checker and dashboard to know exactly where you are with SOX in real-time.

Know Your Customer (KYC)

Know Your Customer processes are also employed by companies of all sizes for the purpose of ensuring their proposed agents', consultants' or distributors' anti-bribery compliance. Banks, insurers and export credit agencies are increasingly demanding that customers provide detailed anti-corruption due diligence information, to verify their probity and integrity.

Use Hydra to manage your KYC controls against your client onboarding to record credentials, legal and evidential documents and record them with full audit, maker-checker and dashboard to know exactly where you are in real-time.

Hydra for information technology


Control Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance.


The Open Group Architecture Framework (TOGAF) is a framework for enterprise architecture which provides a comprehensive approach for designing, planning, implementing, and governing an enterprise information architecture.[

IT Governance

Information and technology (IT) governance is a subset discipline of corporate governance, focused on information and technology (IT) and its performance and risk management.

partner with us

RiskSpotlight is a fully populated library of Operational, Strategic and Reputational Risks within a best practice framework. The library has been developed by domain experts with extensive practice experience of implementing Risk Management initiatives in financial services firms.

GRC Solution People are very passionate about Governance, Risk Management and Compliance [GRC] disciplines and the business benefits these can provide to organizations. The team consists of a network of GRC experts, who are independent or work for a consulting organization that shares their passion for GRC. The network business model enables them to deploy the most effective engagement team for their clients whilst providing attractive commercials to their clients.

Fidentia Systems delivers high-quality Audit and Risk Management solutions to the Insurance Industry.

Bravenconsulting was established in 2010 to provide niche and customised consulting solutions for the Insurance Industry. We provide simple and constructive advice to maximise the value of the core element that make our client’s businesses unique. Our advice is simple, constructive and balanced. We support our clients to identify what is important and why so that they can influence their business to achieve success. We work closely with our clients to build meaningful relationships and individual solutions. Our experience in business enable us to understand our clients needs and their stakeholders' demands.We understand the value of effective advice to support effective decision making and how practical information can support leadership teams to make a difference to deliver tangible benefits.