
Let Cybersecurity Become Part of Your Company Culture
The Canvas Method for Information Security actively engages teams in risk identification and risk treatment.This heightens risk awareness and responsible behaviour throughout the organisation, and enables teams to make the right cybersecurity decisions.The Canvas Method helps internalise security norms and bridge the gap between compliance and business goals.
Get the Free Templates

We don't send spam and won't
share your data with anyone
Mastering Cybersecurity
The Canvas Method for Information Security will help you:
Establish risk awareness throughout the organization
Enable teams to make the right cybersecurity decisions
Create priorities based on actual risks
See the Canvas Method in Action
See how the Canvas Method establishes Information Security Management through a structured dialogue about risks and controls.
About the Canvas Method
The Canvas Method for Information Security was created by Richard Kranendonk as a tool for implementing a continuous and structured dialogue between business and security professionals.Richard studied organizational psychology in Amsterdam, worked in IT for 20 years, and now applies his knowledge and skills to bridge the gap between privacy and security frameworks and business goals.
Companies like Booking.com, Ultimaker, and Roche have used his services.

Do you want to learn how
the Canvas Method can
benefit your organization?
Canvas Method Workshops
Book a workshop for your team and learn how to implement the Canvas Method for Information Security in your own organization.

{1} Identify

Use the Risk Identification Canvas to identify information security risks:
Identify risk sources in your team's context and work processes
Discuss information security risks arising from these sources
Decide on risk treatment
{2} Control

Use the Controls Specification Canvas to specify risk mitigating measures:
Specify controls to mitigate identified risks
Define methods and target values to establish control effectiveness
{3} Implement

Use the Controls Implementation Board to implement an ISO 27001 compliant PDCA cycle for your security management:
Create a clear overview of security goals, and the controls to achieve them
Follow the implementation status for each control
Achieve continuous improvement
{4} Improve

Use the Information Security Monitor to ensure the effectiveness and compliance of security controls:
Discuss recent incidents and their root causes
Identify additional controls to prevent future incidents
Report on effectiveness of controls
Set actions for further improvements
Canvas Method Workshops
In 2 online workshops of 2 hours each, we will take you through the Canvases as they apply to your own organization.
You will learn the basics of information security and risk management.
You will learn how to interactively identify and analyse risks, specify controls, create policies and define security metrics.
You will learn how to handle incidents and nonconformities, evaluate the effectiveness of your information security risk management, and identify improvements.
After the workshops, you will be able to implement the Canvas Method for Information Security in your own organization.
🚀 Launch offer for 2 workshops: €995
Normal price is €1990
Thank you!
We will contact you promptly