Cloud-native GRC & ISMS Platform — built in Germany 🇩🇪

Kopexa is a modern, fully-fledged ISMS & GRC platform.
We help organizations automate compliance and security programs end-to-end, no matter their size.

Key features:

• Asset Management: People, vendors, infrastructure, applications, and data assets.
• Risk Management: Identify, assess, mitigate and monitor risks with configurable scoring.
• Vendor & Supply Chain: Manage third-party risk and due diligence workflows.
• Controls & Evidence: Implement, assign, and continuously validate controls.
• Framework Catalogs: Pre-mapped frameworks (ISO 27001, NIS2, DORA, SOC 2, BSI IT-Grundschutz, GDPR).
• Policies & Documentation: Centralized management with versioning, workflows, and approvals.
• Automation & Checks: Cloud-native executor with continuous compliance and integrations.
• Fine-grained Authorization: Powered by OpenFGA for scalable and secure access control.

Kopexa is designed to grow with you:

• Small businesses & startups: Easy onboarding, minimal overhead.
• Mid-sized organizations: Scalable processes and automation.
• Large enterprises: Advanced compliance automation, integrations, and enterprise-grade security.

We are proudly sponsored by OVHcloud and Microsoft — providing secure, EU-based infrastructure and enterprise-grade technology support.

• 🌐 Website: https://kopexa.com
• 💬 Discussions: github.com/orgs/kopexa-grc/discussions

If you find a security vulnerability, please email [email protected].
We follow coordinated disclosure and respond quickly.

_{© Kopexa GmbH — Made with ❤️ in Germany. Powered by OpenFGA. Sponsored by OVHcloud & Microsoft.}