Apply for this job

We collaborate with best-in-class platforms, consultants, and technology providers to deliver seamless, future-proof solutions, built to grow with your organization.

Download Whitepaper

We collaborate with best-in-class platforms, consultants, and technology providers to deliver seamless, future-proof solutions, built to grow with your organization.

Product
>
Third Party Management

Vendors onboarded. Risks contained.

Third-party data contralized and scored. Contracts monitored, SLA breaches alerted, DORA readiness evidenced.

Learn more
Book a demo
Challenge

External exposure overlooked. Without structure:

  • Disparate vendor records mask threats.
  • Manual reviews miss SLA slippage.
  • Regulatory evidence scattered at audit.
The CERRIX approach

Suppliers centralised, assessments automated, compliance tracked:

  • Questionnaires issued easily.
  • SLA breaches alerted.
  • DORA readiness evidenced.

A smarter way to govern third parties

CERRIX streamlines onboarding, risk scoring, and continuous monitoring so external partners stay trustworthy.

Central vendor register

All supplier profiles, contacts, and contracts stored in one place.

Automated assessments

Dynamic questionnaires score risk and surface gaps instantly.

SLA breach alerts

Live metrics track obligations and notify owners when limits slip.

DORA compliance tracker

EU Digital Operational Resilience Act controls mapped and evidenced.

Ongoing monitoring

Periodic reviews scheduled; changes highlighted across the portfoio.

Explore all solutions
Book a demo

Solving real-world GRC challenges with one smart platform

Aligned stakeholders across risk, compliance, and audit

Reliable data that supports better decisions

Tailored configuration that matches your governance frameworks

Phased onboarding that reduces risk and accelerates adoption

GRC implementation that goes beyond tool setup

Rolling out GRC implementation is more than launching software. It’s about creating clarity in your processes, consistency in your data, and aligning and motivating all 3 lines to work together. At CERRIX, we guide you through every step—from setup to adoption—so your platform delivers real results, fast.

Configuration completed in one month
Stakeholder-specific dashboards
Cross-country risk and control data

Project Setup

Implementation

Go-live

Support

Understand, Align, Prepare

We begin by forming a strong foundation:

Define objectives, scope, and success criteria
Conduct kickoff & initial training
Engage all key stakeholders from day one
Prepare your governance, communication, and milestone plans

Configure, Customize, Validate

We tailor the platform to your organization’s needs:

Configure your organization, frameworks, and metadata
Align configuration with your policies and risk strategy
Prepare and review data for quality and consistency
Set up reporting dashboards and user access

Test, Train, Launch

We ensure your team is ready to succeed:

Run acceptance testing with full coverage
Conduct role-based user training
Set the official go-live date
Announce internally and provide go-live support

Evaluate, Improve, Expand

Post-go-live, we help you evolve:

Collect lessons learned and evaluate
Refine configuration based on feedback
Plan next steps for continuous improvement
Expand to other business units or use cases

Real Results, Real Impact

Transforming Compliance: How Menzis Gained Efficiency and Real-Time Insights with CERRIX

Menzis, one of the largest healthcare insurers in the Netherlands, seeking an integrated and automated GRC solution to streamline compliance, enhance risk oversight, and improve operational efficiency.

View case study

Structuring Risk and Audit Across Teams: Haier Europe’s Journey

Haier Europe’s approach to risk and audit transformation with CERRIX.

View case study

Transforming Risk Culture: How Stater Strengthened First-Line Ownership and Assurance with CERRIX

Stater’s journey to first-line risk ownership and assurance with CERRIX.

View case study

Enterprise-grade security

Data Protection

ISO/IEC 27001 certified to ensure your organization meets global standards for information security and governance.

Control Assurance

ISAE 3402 Type II verified, with independently audited internal controls that guarantee service reliability and compliance.

Financial Sector Readiness

FSQS-NL registered — pre-qualified for procurement by leading banks and insurers in the Netherlands.

Questionnaires issued easily
SLA breaches alerted
DORA readiness evidenced