NorigenStart assessing

Vendor security review for EU companies

Every vendor review, in one workflow.

Reviews live in spreadsheets, email and four separate teams. Norigen brings multiple workflows together, from first request to audit-ready evidence, so you approve new vendors in days, not weeks.

Start assessing

Built natively on DORA, by legal and security experts.·EU-hosted.

Trusted by

Datarr
Överklaga
Hackrocks
Nationaal Cyber Security Centrum
CERT-SE — Myndigheten för civil försvar
Datarr
Överklaga
Hackrocks
Nationaal Cyber Security Centrum
CERT-SE — Myndigheten för civil försvar
Datarr
Överklaga
Hackrocks
Nationaal Cyber Security Centrum
CERT-SE — Myndigheten för civil försvar
Datarr
Överklaga
Hackrocks
Nationaal Cyber Security Centrum
CERT-SE — Myndigheten för civil försvar

Catalog and assess

Every critical third party in one place, classified by risk.

One owner, clear status

The review is routed, not chased. You always know where it stands.

Audit-ready evidence

Every approval captured and mapped to DORA Articles 28 to 30.

Why now

DORA made vendor risk a legal duty.

In force across the EU since January 2025, DORA makes ICT third-party risk a legal obligation under Articles 28 to 30. Article 50 lets national authorities, Finansinspektionen in Sweden, impose sanctions on non-compliant entities.

Norigen is built for it, with operational resilience as the outcome, not a checkbox.

Still reviewing vendors in spreadsheets?

Book a 20-minute call to show you how to run your reviews in a few days.

Book a call

or write directly: hello@norigen.dev