SecureOneLabs Logo

Introduction

Back-Office Security Support System (BOSSS) is a Unified Security Risk Management (USRM) SaaS platform that unifies GRC, ISMS, and CMDB capabilities, with a simple and intuitive interface.

Note
This project is under active development.

Organizations are obligated to ensure they have adequate measures for identifying and managing risk. Challenges such as complex requirements, siloed systems, and environmental factors make risk management difficult to do effectively and efficiently.

BOSSS brings traditional GRC, ISMS, and CMDB systems together into one unified platform to help manage risk, increase confidence in decisions, and reduce spend.

What these systems provide

  • GRC — Governance, Risk, and Compliance: facilities for establishing and managing policy, risk, and compliance processes.
  • ISMS — Information Security Management System: facilities for programs like third-party risk management and business resiliency planning.
  • CMDB — Configuration Management Database: a system of record for organizational assets, technology, and related components.

Use cases

  • Audit
  • Action Plans (Remediation)
  • Governance (Policies, Standards, Baselines, etc.)
  • Risk Assessment (Threat & Vulnerability Matrix)
  • Mergers & Acquisitions (Entities)
  • Municipal Government (Records & Data Management)
  • System of Record (SOR)

BOSSS can help improve security posture, ensure compliance with policies, prepare for audits, and conduct self-assessment or assurance activities.

Loaded with 75+ modules, it enables organizations to manage enterprise risk effectively and efficiently—improving visibility, establishing clear accountability, fostering collaboration, and breaking down silos.

BOSSS supports roles such as Risk Management, Audit, Compliance, Officer, Director, Assessor, Business Owner, Technology Manager, and Analyst.

Capabilities

GRC

  • Actions & Compliance Management, Audit, Testing, and Validation
  • Business Process Management (BPM), Data & Records Management, Exception Management
  • Repository for Policies, Controls, Standards, Baselines, Procedures
  • Platform for Risk Assessments

ISMS

  • Vendor/Supplier Risk Management
  • Business Continuity & Resiliency Planning
  • Incident and Vulnerability Management

CMDB

  • Applications, Assets, Cloud, Data Elements & Sets, Databases
  • Entities, Locations, Networks

Integrations

To extend value, BOSSS integrates via OAuth with:

  • Apache Airflow (Workflow)
  • Apache Superset (Business Intelligence & Data Visualization)
  • Moodle (Learning Management System)

Security Disclosure

If you discover a vulnerability or potential threat, please notify us immediately at
[email protected]

Include a description of the issue and steps to reproduce. Our security team will assess and respond after analysis. Thank you.

Was this page helpful?