Skip to main content

Help us improve the Digital Marketplace - send your feedback


Risk Management System - RMS

RMS is a flexible tool that enables public authorities to implement a systematic process stimulating compliance and preventing (and/or addressing) the risk of non-compliance, including risk of fraud, risk of insolvency and any other risk which appears to threaten the authority’s objectives.


  • General-purpose module available for several business domains like Customs, Taxation.
  • Accountability: Version control of results and of manual interventions.
  • Manage automatic evaluation results; capture and audit user actions.
  • Verify item history, location, or application through documented recorded identification.
  • User-defined Risk Criteria drive in Risk Control Indicators
  • Support unlimited types of Information Sources (files or external systems)
  • Multiple Risk Analysis execution schedules
  • Ability to process historical data


  • RMS enables a common harmonised model for risk management
  • Supports compliance processes of Taxation Authorities
  • Identifies Tax Returns that justify further investigation
  • Integrates into the Taxation Business Flow
  • Supports the Decision Making Process of Tax Authorities;
  • Can be Integrated directly with any Case Management System
  • Provides flexible facilities for specifying measures to limit risk likelihood
  • Supports Formal Risk Criteria, Random Selection and Weight-based selection


£12,000 an instance a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

6 3 6 0 6 7 7 1 8 9 4 8 7 7 2


EUROPEAN DYNAMICS UK LTD Panagiotis Rentzepopoulos
Telephone: 020 34118309

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
  • Internet connection
  • Reasonably recent version of web browser
  • JavaScript enabled

User support

Email or online ticketing support
Email or online ticketing
Support response times
User support operates on working hours during workdays. The response to questions depends on their criticality and varies between 2 hours for major incidents to 2 working days for cosmetics. Different service metrics are possible based on specific SLAs.
Response times are the same at weekends is the SLA requires so.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Different options are available. Complete information can be found in the pricing document.
Support available to third parties

Onboarding and offboarding

Getting started
The service setup includes the provision of standard electronic support material in the form of online documentation. Additional training may also be ordered.
Service documentation
Documentation formats
End-of-contract data extraction
Data can be extracted through normal Service operation at any time. Bulk data transfer may be arranged at the end of the term if required.
End-of-contract process
The “off boarding” phase follows an established procedure that provides assurance to both the Customer and the Service Provider that all service aspects will be addressed. Such aspects may include (depending on the Customer’s service set up):
• Access rights: ensure that all access rights are revoked or restored to the state before the service commenced.
• Customer-supplied data: ensure that all information uploaded or stored with the system is handled in line with the Customer requirements (deleted or returned to the Customer).
• Supplier-uploaded information: ensure that all information entrusted with the system by suppliers is managed in line with the contractual and legal requirements in effect.
• System-generated data: ensure that all information related to the Customer will be made available for retrieval. Such information may include audit trails, event characteristics, etc.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The service uses responsive design as much as possible, which ensures an easy to use interface dynamically matching the display of the user's device.
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Customisation available
Description of customisation
During the Service setup phase, buyers are able to select customisation options that will be implemented by the service provider. Additional information exists in the pricing document.


Independence of resources
The infrastructure of EUROPEAN DYNAMICS warrants that service performance will be unhindered by matters of capacity, load, and network traffic thanks to its design that exploits the benefits of a scalable and robust architecture based on virtualisation.


Service usage metrics
Metrics types
Service usage, helpdesk report, storage consumption, KPI values
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
The Service may encrypt sensitive data at rest
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
The service offers the possibility to archive and download on the user’s storage area all relevant information. Such information includes user information, the rule base and audit trail reports. All exported files are formatted according to widely used file formats, thus maximising the possibility for reuse without any modification.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • PDF
  • Excel
  • Original format (ZIP archive)
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
All communication of sensitive data is via HTTPS over the public internet - The Service also encrypts sensitive information in order to provide additional protection.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Firewalls + Intrusion Prevention systems protect the perimeter of the service platform - The Service also encrypts sensitive information in order to provide additional protection additional access control/protection.

Availability and resilience

Guaranteed availability
99.9% ("three nines") availability is offered as standard
Approach to resilience
All key EDHS infrastructure components are fully redundant ensuring an HA data centre architecture ideal for mission critical hosting services:
• Redundant Server Design: all servers are fitted with redundant disks, power and cooling;
• Redundant Storage: fault tolerant enterprise grade Storage Area Network solution;
• Redundant Power: Power outages are handled by a UPS backed up by a diesel generator;
• Redundant Internet feeds: The primary data centre connects via two fibre carriers to two different ISPs.
Outage reporting
Service availability is part of the service report. Outages are part of the service availability information reported.

Identity and authentication

User authentication needed
User authentication
  • Username or password
  • Other
Other user authentication
Users must enter their username and password in order to access the service. In case of first-time login, they also need to enter a one-time transaction code that is sent to their registered email address.
Access restrictions in management interfaces and support channels
Access to management interfaces is restricted through user authentication. Access to support channels is unrestricted. Non-public network channels are used for maintenance operations.
Access restriction testing frequency
At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The certificate is specific to the hosting service platform and its administration. An ISO9001:2015 certificate covers the quality management of the company's business processes.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
The service security governance is operated in compliance with GDPR and the national data protection laws that apply in the UK and any other involved country (if any).
Information security policies and processes
A comprehensive set of Information Policies & Procedures are implement as part of the ISO27001 ISMS under which the service is operated.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Services are operated according to Change management Policy & Procedures which includes configuration changes . Changes must receive formal approval from an internal Change Advisory Board (CAB) .
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The Service Provider has defined a Patch Management Policy implementing a proactive patch management strategy; this involves recording and maintaining the patch level for all information systems involved within the hosting services environment. Furthermore, the strategy involves identification and application of patches that are considered essential in maintaining the security and correct operation of the service.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
A comprehensive monitoring and alerting system is implemented for data centre services which is implemented as a separate LAN in order to monitor and maintain security. An HP ArcSight SIEM is used to analyze and correlate security events across the IT infrastructure.
Incident management type
Supplier-defined controls
Incident management approach
The Service Provider maintains an incident management policy and associated incident response procedures as part of its hosting solution. The incident response procedures contain a detailed categorisation of incidents together with triggers and the associated actions that the tenderer takes in order to inform the customer and to protect and defend the customer’s hosted information resources.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Equal opportunity

Equal opportunity

EUROPEAN DYNAMICS is an equal opportunity employer and applies an Equal Opportunities Policy (EOP) for this purpose. This policy covers all aspects of employment, from advertising of vacancies, selection, recruitment and training to working conditions and reasons for termination of employment.
We take measures to increase the representation of disabled people in our workforce. We support disabled people in developing new skills relevant to our activities, including through training schemes that result in recognised qualifications.
We regularly monitor the working environment and take appropriate action if necessary to ensure that our EOP operates effectively. Our actions eliminate immediately unlawful direct and indirect discrimination and promote equality of opportunity.
We influence staff, suppliers, customers and communities to support disabled people. We also take measures to identify and tackle inequality in employment, skills and pay in our workforce. We support career development to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to our activities.
Our long-term aim is to proportionally represent all socially disadvantaged groups in the composition of our workforce. We set targets with a fixed timetable for hiring people belonging to groups that are underrepresented in the workforce. Where necessary, specific steps in conformance with relevant legislation are taken to help disadvantaged and/or underrepresented groups to compete for jobs on a genuine equal opportunity basis. Our EOP and the measures for its implementation are based on advice from relevant bodies and in consultation with representatives of our employees.


£12,000 an instance a month
Discount for educational organisations
Free trial available
Description of free trial
EUROPEAN DYNAMICS offers a test instance of the service free of charge to Customers wishing to familiarise themselves with the system, gain access to its documentation and go through online walkthroughs of most common tasks
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.