Munich Re’s
Data Risk Intelligence

Don’t cut back on data and IT security – but on the effort involved!

Request a live demo

With the Data Risk Intelligence solution you can significantly reduce the time and expense involved in implementing the GDPR and at the same time improve the quality of your operations

Our comprehensive and at the same time modular solution for riskbased data protection and IT security management, including thirdparty risk assessment, has been thought out down to the smallest detail and tried and tested in practical application. In this way you create the greatest possible legal security for your company.

Request a live demo

140

140 years of experience in risk assessment and risk management, Munich Re has the world’s largest and most comprehensive expert knowhow for the development of high-quality software solutions in this field.

>90%

More than 90% of the data circulating worldwide has been generated in the past three years.

600

600 billion US dollars in damage was caused by cybercrime worldwide in 2018 alone, a whopping 35 % increase since 2014. The overall loss thus corresponds to 0.8 per cent of global economic output.

4bn

Nearly 4 billion people use internet-based services and generate new data with every interaction.

Reduce your risks with the easy-to-use analysis and workflow tool

Munich Re’s Data Risk Intelligence enables you to considerably simplify and accelerate your data and information protection processes, and at the same time provides you with an analysis that gives you a comprehensive overview not only of the current status of your data and information protection but also your IT risk management.

You will even receive this individual analysis automatically in the form of comprehensive documentation in accordance with regulatory requirements, as well as individual recommendations for action to reduce your risks to the greatest possible extent. And all this in only 3 steps.

And all this in only 3 steps.

Try out now!

To maximum data protection in just 3 steps

Munich Re’s Data Risk Intelligence ensures that your company is well prepared for all current and future requirements with regard to data protection regulations and information protection – worldwide, cost-efficient and legally compliant.

1. Process analysis

By means of a user-friendly, configurable dialogue and workflow system, the software solution classifies the data processed in the business process/procedure step by step, compares the data processing with the applicable legal requirements and documents the processes.

A decision-based catalogue of questions for the analysis of personal and nonpersonal data
Structured, individual user guidance through the entire question process
Collaboration throughout by assigning specific “roles”
Checking and processing of crosscompany and cross-country data flows

2. Risk evaluation

Based on the data classification, technical and organisational measures (TOMs) which can be individually adapted to the respective needs of your company are proposed automatically. The evaluation of these TOMs identifies vulnerabilities that you can subsequently deal with.

Evaluation of the criticality, integrity and availability of data on the basis of the findings of the catalogue of questions
Deduction of legal conclusions as well as appropriate technical and organisational measures (TOMs)
GDPR-compliant data protection
Identification of IT compliance deficiencies and IT security vulnerabilities (GAPS)

3. Legal documentation

In the process the software automatically uses the information provided by your company to generate all the legally required documents, such as contract processing, the data deletion concept, a data protection impact assessment and the processing directory.

Management of relevant data processing and data privacy information at one place
Audit logging of risk manager approval and management board decisions
Generation of documents in different formats and versions (with or without TOMs)
Document management – for more extensive documents, too

Security is good. Eightfold security is even better!

1. Data protection management

Situation analysis using a predefined, workflow-based interview catalogue
Data protection organisation based on interdepartmental cooperation
Automated creation of required documents
Logging and visualisation based on comprehensive reporting
Flexible and customer-specific adaptation through administration functions

2. IT risk management

Classification and assignment of data
Evaluation of technical and organisational measures
Identification of information security and IT security vulnerabilities, so that these can be dealt with subsequently
Check on third parties involved in the process by identifying relevant controls

3. Protection of business secrets

Evaluation of processes without personal data, but with critical and sensitive data (e.g. contracts or blueprints)
Identification of criticality, i.e. the confidentiality, integrity and availability of the data types defined for this purpose
Identification of vulnerabilities based on specific controls defined for this purpose

4. Cybersecurity assessment

Creation of a checklist for cybersecurity requirements
Review on the basis of a TOM list extended by information security checks
Extended documentation and handling of vulnerabilities through involvement and escalation of various stakeholders
Identification and management of vulnerabilities and the resulting risks (advanced risk assessment)

5. Tech. and org. measures

Preconfigured and customisable customer-specific TOMs and checks
Continuous checking and adjustment of stored TOMs
Automatic documentation of the corresponding results and optimisation measures
TOM calculator for fast and specific generation of technical and organisational measures for specific process characteristics

6. Third-party risk assessment

A workflow-supported check on all third parties involved in the process from a data protection and IT risk management point of view
Integration of third parties through “identity and access management”
Determination of individual TOMs for external parties
Central administration of all service-specific information and documents

7. Compliance management

Assessment of third parties on the basis of specific relevant monitoring requirements
Identification of risks for all parties involved in a business process
Management of the identified vulnerabilities
Continuous review of the checklist of controls and appropriate adjustments based on identified vulnerabilities
Audit functions per process as well as across-the-board by the role (auditor)

8. Analysis of vulnerabilities

Carrying out a risk assessment on the basis of checks revealing non-compliance
Definition of mitigating measures
Integration of experts on risk acceptance through delegation and escalation to different stakeholders (e.g. CISO, management etc.)
Use of automatic risk management on the basis of ISO 31000 (advanced risk assessment)

Select the edition that best suits your requirements. And simply extend it whenever you wish

Thanks to its modular structure you can not only adapt the solution to the individual maturity level of your integrated data protection and IT risk management, but further modules can also be flexibly added to the editions “Enterprise” and “Professional” at any time.

The Data Risk Intelligence Platform
All editions are based on the common Data Risk Intelligence platform. It forms the technical basis and provides the common user interface for all modules – including all those you book at a later date. This means you always have an overview and can operate in your familiar environment.

Standard Data Risks Module
This module groups together all the standard functions of the Data Risk Intelligence solution. From process analysis via risk assessment to documentation (see list on the right for the complete range of functions). Together with the Data Risk Intelligence platform this module forms the Professional Edition.

Enterprise Data Risks Module
In order to optimally integrate the solution into your company’s application landscape, simply choose the Enterprise Edition – this already includes the Enterprise Data Risks module and therefore not only ensures full group capability but also provides an additional comprehensive TOM list.

Data Breach Module
This optional module enables you to document data protection violations through initial and follow-up reports, to assess the obligation to report them, and to store them under an incident number for further processing in the system. Also available as stand-alone Data Breach Edition (see list on the right).

Additional modules
You can also cover more extensive regulatory requirements with the optional expansion modules, which can be seamlessly integrated into the solution.

Data Subject Rights Module: Offers you the structural documentation and management of enquiries from data subjects.
Advanced Risk Assessment Module: Replaces the Basic Risk Assessment vulnerability analysis in the workflow and thus offers the possibility of extending the scope of the analysis and adapting it to

	Enterprise Edition	Professional Edition	Data Breach Edition
Data Risk Intelligence Platform	included	included	included
Standard Data Risks Module	included	included	optional¹
− Rights and roles concept	●	●	○
− Customisable workflow with interview	●	●	○
− Register of processing activities	●	●	○
− Data protection impact assessment	●	●	○
− Automatic document generation	●	●	○
− Management dashboards (PowerBI)	●	●	○
− Multilingual expansion option	●	●	○
− GAP analysis and monitoring	●	●	○
Enterprise Data Risks Module	included	optional¹	optional¹
− Integration in the application environment	●	○	○
− Group capability	●	○	○
− Comprehensive TOM list	●	○	○
Data Breach Module	optional¹	optional¹	included
Additional modules
Data Subject Rights Module	optional¹	optional¹	optional¹
Advanced Risk Assessment Module	optional¹	optional¹	optional¹
			Learn more

● Included in the corresponding module
○ Available as soon as the corresponding module is purchased
¹ Can be purchased additionally at any time

All the benefits at a glance

Little work involved in setup and implementation thanks to the cloud-based SaaS solution

Transparent workflow resulting from effective management of roles and right

Future-proof solution thanks to continuous technical and regulatory development by Munich Re

Optimised data protection enabled by an automated and flexibly adaptable workflow structure and specific classification of data

Maximum legal security due to compliance with proof and documentation obligations ensured by the automated generation of all legally required documents

A faster overview of all relevant business processes, identification of vulnerabilities and documentation of individual technical and organisational measures

Get it all. For more detailed information just download our brochure “Data Risk Intelligence” for free!

Download brochure now!

Data breaches can be highly expensive. Unless you act in line with GDPR thanks to Munich Re‘s Data Breach Edition

Data Breach Edition enables you to document data breaches and assess the obligation to report them. The entries can be supplemented over time and reference numbers can be stored in the system for further processing. Learn more …

Data Breach Edition

How about trying our solution right now? Or would you rather talk to someone in person?

We believe you can never have too many good partners. You are a Value Added Reseller, Managed Service Provider or System Integrator and would like to include our solutions in your portfolio? Then simply apply for our Risk Suite Partner Programme.

Nicole Schmitzberger

Global Executive Director Channel Sales

Become a partner

Do you need support with Munich Re's Data Risk Intelligence?

As an existing user you have access to our Customer Service Portal (CSP) which provides you support knowledge and common solutions. You have a status overview of your support incidences and your feature requests.

Contact Support