Govern risk · Deliver service · Prove compliance

    A single pane of glass for risk and IT service across your organisation.

    Anzen brings your CMDB, ITSM tickets, controls, and risk register into one live picture. The moment something breaks, you see the affected business processes, exposed financial value, and who needs to act - without stitching tools together.

    Built for IT managers, security officers, and compliance teams from start-ups to mid-market organisations.

    Start for freeTry the interactive demo
    🇪🇺 EU-hosted · No US cloud · GDPR compliant
    anzen · Discover
    Configuration items
    web-prod-01
    api-prod-04
    db-cluster
    k8s-edge-12
    vault-prod
    redis-cache
    monitor-01
    logs-stream
    Discovered
    02468
    +8 in last 2s
    Explore

    What sets Anzen apart

    Three things only Anzen does

    Beyond a standard CMDB and ITSM tool, Anzen connects your assets, services and risk - so discovery stays current and every incident carries clear operational and financial impact.

    Incident queue · by € impact€ 48k€ 21k€ 12k€ 3k
    Service management

    Streamlined ITSM

    Run the service desk, see the money at stake.

    Incidents, problems and changes flow through one streamlined process, and every ticket carries the financial impact of the assets and business processes it touches - so you triage by euros at risk, not gut feel.

    Explore ITSM
    Automation

    Anzen Discover

    Your CMDB stays current, no spreadsheets needed.

    Network scans, cloud integrations and agent-based discovery find configuration items as they appear. Dependencies, services and links are kept up to date so the picture you trust is always the live one.

    Read the discovery docs
    !APIDBHypervisorCheckoutPaymentRevenue
    Risk insight

    Blast radius

    Know what an incident really costs.

    When something breaks, see every business process, application and revenue stream affected. Make remediation calls based on actual impact, not guesswork.

    See the risk view

    Optional add-ons

    Add-ons

    Bolt on extra capability where it pays off, from AI drafting to auditor-ready evidence. Each add-on is billed on top of your plan; the AI add-ons run on an EU-resident model.

    PDFAI add-on

    Anzen Extract

    Drop a document. Get drafted controls or a policy.

    Reads PDF, DOCX and ODT documents and drafts controls (with framework mappings, frequencies and auditor test scripts) or a full structured policy. You review every draft before anything is saved. First 5 documents free, then €99 / month.

    How Extract works
    ?Policy · A.8.5AI add-on

    Anzen Knowledge Base

    Ask your policies a question.

    Browsing and managing knowledge base articles is included free in every plan, with a free portal browse for end users. This add-on layers AI on top: ask your knowledge base a plain-language question and get answers grounded in your own policies and environment, every answer cited back to the source clause. Runs on an EU-resident model. €59 / month.

    How the Knowledge Base works
    1 Jan - 31 DecZIPSHA-256Compliance add-on

    Anzen Compliance

    Walk into the audit with the evidence already packed.

    Export a period-based evidence pack with the real artifacts: completed control tests with attachments, sign-off by a second user, and the ITSM tickets that prove your controls operate day to day - service desk and compliance in one platform, on EU-sovereign infrastructure. €79 / month.

    How the evidence pack works

    Risk Management

    Know your risks before they become incidents

    The Risk Register gives your organisation a structured, auditable way to identify threats, assess their impact, and track treatment - all tied to the applications and assets you already manage in Anzen.

    Per-application risk register

    Every risk is scoped to an application, so ownership is clear and nothing falls through the cracks. Score risks on likelihood and impact, link the controls that mitigate them, and watch residual scores drop as your security posture improves.

    • Inherent and residual risk scoring (likelihood x impact, 1-25)
    • Six risk categories: strategic, operational, financial, compliance, technology, reputational
    • Four treatment strategies aligned with ISO 31000: mitigate, accept, transfer, avoid
    • Link affected assets, business processes, controls, and change tickets
    • Full assessment history with field-level audit trail
    • Review scheduling with overdue alerts in the Risk Report
    Read the documentation
    Risk register showing application-scoped risks with scoring, treatment strategies, and linked controls

    Proactive risk identification

    Document threats before they materialise. Tie each risk to the application it affects for clear ownership.

    Measurable mitigation

    Compare inherent vs residual scores side by side. Heatmaps show whether your controls are actually reducing risk.

    Audit-ready history

    Every score change, status update, and ownership transfer is recorded with timestamps and user attribution.

    Review reminders

    Set review dates per risk. The Risk Report flags upcoming and overdue reviews so nothing goes stale.

    Platform Modules

    Four modules, one pane of glass

    CMDB

    Know what you have

    Everything starts with visibility. Track every asset, entity, vendor, and their relationships.

    • Business Impact Analysis - know which processes are affected when an asset fails
    • Business Process modeling with visual flow designer and CIA classification
    • Hierarchical entity structure (org → department → team)
    • Configuration Items with IP, hostname, OS, and network metadata
    Configuration Items list showing servers, switches, and firewalls with IP addresses, types, and status

    ITSM

    Manage incidents, problems, and changes

    A complete ticketing system purpose-built for IT operations, with full audit trails.

    INC2026000001PRB2026000001CHG2026000001
    • Incidents, Problems, and Changes - unified workflow with full audit trail
    • Self-service end-user portal for ticket submission
    • Priority, impact, and urgency scoring with automatic escalation
    • Activity timeline with comments, status changes, and linked assets
    Incident detail view with global search showing vendor and CI results across the platform

    Risk & Controls

    Quantify and govern cyber risk

    Define controls, execute tests, track issues, and see your actual risk posture in real time.

    • Real-time risk dashboard with business impact scoring
    • Risk Acceptance with mandatory review deadline and audit trail
    • Control tests with evidence collection, scheduling, and 4-eyes review
    • Issues auto-created from failed tests - linked to assets and processes
    Control detail view showing test script instructions, related assets, and test history with pass/review status

    Service Portal

    End-user self-service

    A clean portal for non-IT staff to submit requests and track issues.

    • Submit incidents and change requests with guided forms
    • Track status of submitted tickets with activity timeline
    • View and comment on assigned issues
    • Re-open resolved tickets with a reason
    Service Portal home showing Submit a Request, My Tickets, My Issues, and Control Tests cards

    Platform Capabilities

    Built for enterprise. Designed for speed.

    Fully Segregated & Protected

    Every workspace is completely isolated with its own secure data boundary. Your data stays yours - always separated, always protected.

    Custom ITSM Workflows

    Define custom status flows per ticket type. Add, remove, or rename statuses, configure allowed transitions, and set auto-assignment rules.

    Role-Based Access Control

    Single role defines CRUD permissions across multiple models. Entity-scoped permissions with hierarchy inheritance.

    Global Search

    Fuzzy search across all entity types. Results ranked by relevance with Cmd+K keyboard shortcut.

    Full Audit Trail

    Every create, update, and delete is logged with before/after values. Audit log viewer with filters.

    European Data Sovereignty

    Hosted exclusively in the EU by Dutch engineers. GDPR-compliant with full data residency guarantees. Your data never leaves Europe.

    Anzen Discovery

    Native scanner that discovers devices on your network and automatically populates your CMDB. Available for macOS and Windows.

    Pricing

    Simple, transparent pricing

    Start free with up to 10 users. Upgrade to Professional for unlimited users and advanced compliance features.

    FreeProfessionalPopularEnterprise
    UsersUp to 10UnlimitedUnlimited
    Control TestsManagement onlyManagement + Service PortalManagement + Service Portal
    Template Library (ISO 27001, NIS2)
    Control Test Reviews (4-eyes)
    Automatic Test Scheduling & Distribution
    Evidence & Attachment Storage1 GB10 GBCustom sizing
    SSO / OIDC
    Email Notifications
    Custom ITSM Workflows
    Per-user Invoicing with PDF
    SupportDocumentationPriority supportPriority + custom integrations
    PriceFree€10.99 / user / month (excl. VAT)Volume pricing
    Get started freeStart ProfessionalContact sales

    Not sure yet? Try the interactive demo first →

    Want a personal walkthrough?

    Trust & Sovereignty

    European-built. European-hosted. Your data stays yours.

    In a world of cross-border data flows and foreign jurisdiction risks, Anzen gives you certainty. Fully managed by Dutch engineers with infrastructure that never leaves the EU.

    Built in the Netherlands

    Anzen is designed, developed, and maintained by a Dutch engineering team. No offshore development, no third-party access to your data.

    Hosted in the EU

    All data is stored and processed on our own European infrastructure - no AWS, Azure, or Google Cloud. Full GDPR compliance with data residency guarantees.

    Data Sovereignty by Default

    Your data never leaves Europe. Tenant-isolated architecture ensures complete separation between organisations.

    "Anzen replaced our spreadsheet-based risk register, three SaaS tools, and saved us two weeks per audit cycle."

    Aligned withISO 27001NIST CSFNIS2GDPREU Data Residency

    Enterprise-ready

    Built for teams that take security seriously.

    API-first designFull OpenAPI spec - every feature accessible via REST API. Build integrations, automate workflows, and extend the platform.
    SSO / OIDCSingle sign-on via OpenID Connect. Works with Keycloak, Okta, Azure AD, and any OIDC-compliant identity provider. TOTP-based 2FA as an extra layer.
    Tenant isolationSchema-per-tenant architecture with strict data boundaries. No cross-tenant data leakage by design. Full audit trail on every action.
    Role-based access controlGranular RBAC with entity-scoped permissions and hierarchy inheritance. Define exactly who can do what, where.

    Stop managing risk in spreadsheets.

    See how Anzen can give you real-time visibility into your IT risk posture - in minutes, not months.

    Start for freeTry the demo

    Want a personal walkthrough?