Risk management acc­ording to ISO/IEC 27005

TRICK Service is a full-featured risk management tool, assisting you in assessing risk, planning actions, and running your information security management system.

It accompanies you throughout the whole risk management process; starting with the definition of the risk context, covering risk estimation and treatment, and communicating the results.

TRICK Service prepares you to be certified ISO 27001, to comply with the requirements of the GDPR, or to respond to CSSF circular 12/544.

Got curious? Have a look at the features that TRICK Service is offering you.

Learn more Our solutions Request a free demo access
TRICK Service Logo

Risk assessments

TRICK Service offers a unique way to conduct quantitative and qualitative risk assessments at the same time, within the same analysis.

You do not have to decide between either of the two methodologies to conduct your risk analysis. Of course, you can switch at any time to a purely quantitative, or a purely qualitative one.

Dynamic risk

Turn your risk analysis into a real-time monitoring tool that supports incident management.

TRICK Service is bundled with an API that accepts real-time risk information. If you have a security incident event management (SIEM), an intrusion detection system (IDS), a firewall, or similar, then why not connect them to your risk analysis, and see the impact of incidents in real-time?


Maintain your high-level inventory, supervise the asset owners, and manage the risks associated to them – all in one platform.

TRICK Service does not only provide you with an easy way of organise your assets. It also enables you to use it throughout the risk management process – including risk estimation, risk treatment, and reporting.

Integration with ticket­ing systems

TRICK Service provides in-built support for integrating with common ticket management systems (Redmine, JIRA).

That way, your risk treatment plan can directly be encoded in your own, dedicated tool – either by creating new tickets, or by linking actions to existing tickets.


Consolidate and summarise all your work in one single Word report that is ready to be presented to auditors or top management.

TRICK Service goes beyond being a risk management tool, and provides you a valuable support for proving compliance or setting up an ISMS in form of printable reports.

This includes a statement of applicability for ISO 27001 certification, risk sheets for CSSF circular 12/544, a DPIA report for GDPR, and a full report of your risk analysis.


Clearly understandable graphs help you to identify your current risk level at first sight.

A picture is worth a thousand words; that's why TRICK Service includes several graphs, covering ISO compliance, risk level, profitability and risk evolution.

Those graphs can also be exported, so that you can further fine-tune them (in Excel), or use them in your own report or presentation.


Fully control who can read, modify, or export individual risk analyses and versions.

For improved security, TRICK Service also supports Two-Factor Authentication, and integration with LDAP.

TRICK Service uses the latest security mechanisms to protect your data, and undergoes a regular penetration test.


Collaborate with your colleagues, create copies, and archive your work.

All risk analyses created with TRICK Service have full versioning support. This allows you (or your co-workers) to create snapshots of the risk management process, increasing transparency and clarity of your work.

Risk analysis can be ex- and imported at any time – be it for back-up or archiving purposes, or for sharing your work with third parties.

Free to use

Use the Freeware version of TRICK Service for your Risk assessment and the DRAW tool to create the related asset dependency graphs.

TRICK Free To Use is the freeware version of TRICK Service, a full-featured risk management tool, assisting you in assessing risk, planning actions, and running your information security management system (ISMS). In difference to the full version, it does not contain access management, expert knowledge such as controls already imported from standards, but still allows users to import such elements by themselves and to import previous assessments.

DRAW is an open-source javacript tool assisting to create dependency graphs with propagation rate, to export them as JSON or PNG, and to synchronize asset lists and risk parameters with TRICK with these graphs.

Still undecided? In case of questions, feel free to contact us; we will be happy to help. Also, don't miss out the opportunity to request a free trial access to our demo platform.

Our solutions

The comfortable solution

Cloud hosting

Our standard solution allows you to access TRICK Service from anywhere at any time.

  • No set-up required
  • Free updates included
  • Secure hosting in Luxembourg
  • Secure two-factor authentication

Try out TRICK Service by requesting a 30-day trial access.

The secure solution

Dedicated hosting

Do you need more flexibility? The dedicated solution provides you with a complete TRICK Service installation dedicated to you.

  • No set-up required
  • Free updates included
  • Secure hosting in Luxembourg
  • Secure two-factor authentication
  • Running on a dedicated machine for increased flexibility and security
  • Multiple users
  • Full administrative control
The autonomous solution

Self hosted

Do you have sensitive data? We also offer to install TRICK Service at your premises.

  • Free assistance for set-up and maintenance
  • Free updates included*
  • Have full control on your data
  • Multiple users
  • Full administrative control

(* Updates need to be installed manually.)

For further details and pricing, please contact us at info@itrust.lu or (+352) 26 17 62 12.