Now available

Stop managing governance in spreadsheets

IIMS is a purpose-built platform that brings risk registers, compliance frameworks, project delivery, and team accountability into one secure system — so nothing falls through the cracks.

Book a demo See how it works
8
Instrument types
100%
Data isolation
3
Minute setup

The problem

Governance tools weren't built for how you actually work

Most organisations rely on a mix of spreadsheets, email threads, and disconnected systems. The result? Risk is invisible, accountability is unclear, and audits become fire drills.

Scattered spreadsheets

Risk registers in one spreadsheet, project plans in another, compliance checklists in a third. No single source of truth, and version control is a nightmare.

No traceability

When a risk materialises, can you trace it back to the control, the responsible person, and the activity it relates to? Most organisations can't.

Client data mixed together

Consulting firms managing multiple clients struggle to keep data separate. One wrong share and confidential information lands in the wrong hands.

IIMS replaces all of that with one connected system

Every risk links to a control. Every activity links to a deliverable. Every person has a clear role. And every client's data lives in its own isolated, secure workspace.

Instruments

Eight instruments, one unified platform

Each instrument is purpose-built for a specific type of management work. Combine them to build a fully connected governance, risk, and compliance system for each client.

Structures

Hierarchical work breakdown for complex projects

Break down programmes into phases, deliverables, and activities. Track progress with automated roll-up calculations and assign clear ownership at every level.

  • Multi-level hierarchy with drag-and-drop reordering
  • Progress tracking with automatic parent roll-up
  • Rich-text descriptions and activity-level assignments
  • Status tracking: open, in progress, blocked, done
Q1 Programme
Phase 1: Discovery
Stakeholder mapping
Requirements gathering
Phase 2: Build
Architecture design
Development sprint 1
Kanban Boards

Visual workflow for tasks and approvals

Move work through customisable stages. Perfect for tracking approvals, managing action items, or running operational workflows that don't fit a hierarchy.

  • Fully customisable column names per board
  • Card-level details with descriptions and owners
  • Link cards to risks, activities, or controls
  • Ideal for action tracking and approval workflows
To Do
Review policy doc High
Draft risk appetite
Vendor assessment Medium
In Progress
Update BCP plan On track
Control testing Q1
Done
Annual audit prep Complete
Heatmap Registers

Risk and issue registers with visual severity scoring

Plot risks on a colour-coded likelihood vs. impact grid. Instantly see which risks need attention and how your risk profile evolves over time.

  • Configurable grid sizes from 3x3 to 6x6
  • Custom axis labels for any scoring model
  • Register view with sortable columns and filters
  • Link risks directly to controls and mitigations
High
2
3
5
1
Med
1
4
2
0
Low
3
2
1
0
Low
Med
High
Critical
Matrices

Responsibility and control mapping made clear

Build RACI charts, control matrices, or any row-by-column mapping. Define who is responsible, accountable, consulted, or informed for every function.

  • Custom row and column headings
  • Cell-level data entry with rich content
  • Perfect for RACI, control, and compliance matrices
  • Link matrix cells to related work items
Finance
Legal
IT
Data Privacy
R
A
C
Access Control
C
I
R
Incident Response
I
R
A
Vendor Mgmt
A
C
I
Lists

Custom configurable lists for tracking anything

Create powerful tracking lists with typed columns — text, number, date, and select fields. A spreadsheet replacement purpose-built for governance and compliance workflows.

  • Typed columns: text, number, date, and select
  • Configurable column definitions per list
  • Sortable and filterable register view
  • Link list items to any other instrument
Task Priority Due Date Status
Update access policy High 15 Mar In Progress
Vendor risk review Med 22 Mar To Do
Training records Low 01 Apr Done
Compliance check High 10 Mar Review
Meetings

Hierarchical meeting management with full traceability

Manage governance meetings with structured Agenda Items, Discussion Items, and Action Items. Track decisions, follow-ups, and accountability in one place.

  • Nested hierarchy: Meeting → Agenda → Discussion → Action
  • Action item tracking with owners and due dates
  • Decision recording with full audit trail
  • Link meeting items to risks, controls, and policies
Q1 Board Review Scheduled
Agenda: Risk Appetite Statement
Discussion: Update thresholds Noted
Action: Review risk limits by 15 Mar Open
Agenda: Compliance Update
Discussion: ISO 27001 progress Resolved
Policies

Policy registers with approval workflows and version control

Maintain a central register of policies and documents with rich text content, multi-approver approval workflows, version tracking, and scheduled review dates.

  • Rich text policy content with formatting
  • Multi-approver approval workflow
  • Automatic version tracking and history
  • Scheduled review dates with reminders
Information Security Policy v2.3
Owner: J. Smith
Review: 15 Jun 2026
Status: Published
This policy establishes the framework for information security management across all business units. It covers data classification, access controls, incident response...
Approvals
CIO - Approved CISO - Approved Legal - Pending
Contracts

Contract lifecycle management with full traceability

Manage the full lifecycle of contracts from draft through to expiry. Track counterparties, key dates, signatories, and supporting documents — all linked to risks, policies, and projects.

  • Full lifecycle: Draft → Approved → Signed → Active → Expired
  • Counterparty and signatory management
  • Document attachments with version control
  • Link contracts to risks, policies, and project items
Cloud Services Master Agreement Active
Type MSA
Counterparty TechVenture Ltd
Value R 240,000 / yr
Start Date 01 Jan 2025
Expiry Date 31 Dec 2025
CEO — Signed CFO — Signed Legal — Pending

Compliance frameworks

Designed to support the standards you work with

ISO 27001
Information Security Management
ISO 9001
Quality Management Systems
ISO 22301
Business Continuity Management
ISO 31000
Risk Management Guidelines
ISO 45001
Occupational Health & Safety
POPIA / GDPR
Data Protection & Privacy

Who it's for

Built for teams that take governance seriously

Whether you're a consulting firm, internal GRC team, or project office — IIMS adapts to how you work.

Governance & Risk Consultants

Manage multiple client engagements from one platform with complete data isolation. Give each client their own branded subdomain and access portal.

  • Multi-client risk assessments
  • Compliance framework implementation
  • White-labelled client portals

Internal GRC Teams

Replace your spreadsheet-based risk register with a system that connects risks to controls, owners, and mitigations with full audit trail.

  • Enterprise risk registers
  • Control effectiveness tracking
  • Board-ready reporting

Project & Programme Offices

Structure complex programmes with hierarchical work breakdowns. Track progress from activity level up through deliverables and phases automatically.

  • Programme work breakdown structures
  • Cross-project dependency tracking
  • Team capacity and accountability

Platform

Enterprise features without the enterprise price

Security, multi-tenancy, and usability built in from day one.

Complete data isolation

Every client workspace is fully isolated. No data leaks between tenants, ever. Role-based access controls at every level.

White-label subdomains

Each client gets their own branded URL and logo. Your platform, their identity. No shared logins or confusing dashboards.

Cross-instrument linking

Connect any item to any other. Link a risk to a control, an activity to a deliverable, a kanban card to a matrix cell.

Modular by design

Only use what you need. Start with a risk register, add project structures later. Each workspace gets its own instrument mix.

Rich text & audit trail

Every item supports rich-text descriptions, file references, and full change history so nothing is lost.

AI Writing Assistant

AI-powered writing assistant integrated into the editor. Draft governance content like policies, risk assessments, and meeting notes. Supports OpenAI and Google Gemini (free tier).

Works anywhere

Fully responsive web application. Access your governance data from desktop, tablet, or mobile — no app install required.

Per-workspace SSO

Each workspace can authenticate via Microsoft 365, Okta, or Google Workspace. Force SSO to remove password login entirely for tighter enterprise security.

Getting started

Up and running in minutes

No lengthy procurement cycles or IT projects. We set up your platform and you're ready to go.

1

We create your workspace

Tell us about your organisation and we'll set up a dedicated, isolated workspace with your branding and subdomain.

2

Configure your instruments

Choose which instruments you need — risk registers, project structures, kanban boards — and we'll tailor the setup.

3

Invite your team

Add team members with the right access levels. Admins, contributors, or viewers — everyone sees only what they should.

4

Start working

Begin logging risks, tracking projects, and managing compliance. Everything is connected and traceable from day one.

Our products

Solutions we've built and deployed

From governance platforms to custom integrations — we build software that solves real operational problems.

IIMS

A multi-tenant governance, risk, and compliance platform. Eight configurable instruments, white-label branding, per-workspace SSO, and full ISO framework support — all in one secure system.

GRC Multi-tenant ISO 27001 White-label SSO
Visit iims.app

AuditFlow

A streamlined audit management application built for teams that need to plan, execute, and track audit engagements with full traceability and reporting.

Audit Management Workflow Reporting
Visit auditflow.gasco.digital

Custom Integrations

Bespoke automation and data-linking solutions. We build custom bridges between the systems your business depends on — eliminating manual data entry and keeping everything in sync.

SKU Sync CRM Integration SAGE One Sales Trackers Automation
Talk to us about your integration needs

Pricing

Simple, transparent pricing

All eight instruments included. No hidden costs.

Monthly
R 70
per user / per month
Billed month to month. Cancel any time.
  • All 8 instrument types included
  • Custom subdomain & white-label branding
  • Complete data isolation
  • AI Writing Assistant
  • Per-workspace SSO (Microsoft 365, Okta, Google)
  • Email support
Get started
Best value — save 14% vs monthly
Annual
R 60
per user / per month
Billed as R720 per user once a year, paid in advance. Save R120 per user vs monthly.
  • All 8 instrument types included
  • Custom subdomain & white-label branding
  • Complete data isolation
  • AI Writing Assistant
  • Per-workspace SSO (Microsoft 365, Okta, Google)
  • Priority email support
Get started

All prices exclude VAT • Contact us for volume discounts

FAQ

Common questions

What is a "workspace" in IIMS?
A workspace is your organisation's private environment within IIMS. Think of it as a secure vault that contains all your instruments, data, and team members. Each workspace is completely isolated from every other workspace — no data is shared between them. Workspaces can have their own subdomain (e.g., yourcompany.iims.app) and branding.
Can I manage multiple clients from one account?
Yes. IIMS provisions and manages all client workspaces on your behalf. Each client gets their own isolated workspace with its own instruments, team members, and branding. We configure each workspace to match your client's needs — they simply log in and get to work.
How is data kept separate between clients?
Every piece of data in IIMS is tagged to a specific workspace. All database queries are filtered by workspace, and cross-workspace data access is blocked at the application level. Even linking between items is restricted to the same workspace. Super Admins can provision workspaces but cannot see the data inside them.
What instruments are available?
IIMS currently offers eight instrument types: Structures (hierarchical work breakdowns), Kanban Boards (visual workflow tracking), Heatmap Registers (risk/issue registers with severity scoring), Matrices (responsibility and control mapping), Lists (configurable tracking lists with typed columns), Meetings (hierarchical meeting management with agenda, discussion, and action items), Policies (policy registers with approval workflows and version control), and Contracts (contract lifecycle management with counterparty, signatory, and document tracking). You can combine any of these per workspace.
Can I use my own branding?
Yes. Each workspace supports white-label branding including a custom subdomain, logo, and business name. This means consultants can present IIMS as their own platform to their clients.
Which ISO standards does IIMS support?
IIMS is framework-agnostic and has been used to support ISO 27001 (Information Security), ISO 9001 (Quality Management), ISO 22301 (Business Continuity), ISO 31000 (Risk Management), ISO 45001 (Occupational Health & Safety), POPIA, and GDPR compliance programmes. The platform's instruments — heatmaps for risk registers, matrices for controls, policies for documentation, and meetings for governance — map naturally to the requirements of these frameworks.
Is there an API or integration support?
IIMS is built API-first. Every operation in the platform goes through a RESTful API, which means future integrations with other tools and automated workflows are fully supported. Contact us to discuss specific integration needs.

Ready to replace your spreadsheets?

Join organisations that have moved from scattered documents and siloed tools to one unified governance platform.

Book a demo

Contact

Get in touch

Whether you want a demo, have questions, or need a tailored quote — we'd love to hear from you.

Let's talk

We're a small team passionate about making governance accessible and practical. Tell us about your challenges and we'll show you how IIMS can help.

hello@iims.app
South Africa

Message sent

Thanks for reaching out. We'll get back to you within 24 hours.