Kantyra Kantyra

← All articles

General

The model behind Kantyra: from signal to evidence

Alain Rees · 07-07-2026 · 2 min read

Anyone responsible for information security soon ends up juggling separate lists: a risk register here, a compliance framework there, policies on the intranet and evidence scattered across folders and mailboxes. Each list is correct on its own, and yet the overview is missing. That is why Kantyra works with a single model that connects everything, in four phases: detect, assess, resolve and demonstrate.

Detect: the facts from daily practice

Everything starts with what actually exists and happens. You map your assets and processes, you register your suppliers with their criticality, and you record incidents the moment they occur. This phase does not produce judgements; it produces the facts on which every judgement must rest.

Assess: knowing where you stand

With the facts on the table, you can weigh them. You assess risks on likelihood and impact, you determine per requirement whether you comply, and you record a rationale with every decision. The result of this phase is an honest picture: this is under control, here is a gap, and that gap has an owner.

Resolve: coverage that works

Every gap deserves a solution you can maintain. That is a control with an effectiveness test, a policy with an approval workflow and a review cycle, or a project for what still needs to be built. For risks you consciously accept there is the exception: a formally approved deviation with an end date, so that acceptance never quietly becomes permanent.

Demonstrate: evidence on demand

The final phase makes the difference in every audit and every client enquiry. Because every judgement carries its rationale and every control carries its evidence, the Statement of Applicability is no longer an annual reconstruction but an export. Whoever asks for it receives it the same day.

The engine underneath the model

Between the phases runs a quiet engine. Tasks and automatic monitoring keep the model current: review dates, test dates and expiry dates automatically alert the right person. The phases also feed back into each other: a serious incident forces a reassessment of the linked risk, and a delivered project becomes an active control with a single click, including all its links.

Information security thus stops being a project with an end date and becomes a rhythm that keeps running. In the articles per phase we explore each part in more depth.

Want to see how this works in Kantyra?

In a 30-minute demo we walk through the model based on your situation.

Book a demo