In addition to opportunities, every business activity also entails risks. Whether demanding value propositions, investments, security or compliance: systematic management of risks and monitoring of the constantly changing risk situation are key factors for sustainable success.
Holistic information security and risk management
Liability, natural disasters, accidents or information security: By holistic risk management, we mean the systematic consideration of all relevant types of risks for your organization. The resources available for countermeasures are always limited everywhere. It is therefore all the more important to keep track of the risks taken and to be able to derive clear priorities at all times.
Living management systems with modern tools, not just documenting
We support our customers in introducing and revising their quality or information security management systems in accordance with ISO 9001:2015 and ISO/IEC 27001:2013. For risk management, we apply ISO 31000:2018. It is very important to us that management systems are implemented with modern tools in such a way that they can be implemented in everyday life in the company. We no longer consider the creation of a battery of Word-based process descriptions, instructions and checklists, which are available for download on a central repository or on the intranet, as timely.
What are the characteristics of a modern implementation of management systems?
In our opinion, this includes at least the following 4 features:
Comprehensive networking of information
All information is easily searchable using a full text search
All forms and documentation are linked via hyperlinks and are easy to navigate
Process steps in graphical representations are clickable and linked directly to the relevant descriptions
All forms and documentation are linked via hyperlinks and are easy to navigate
Process steps in graphical representations are clickable and linked directly to the relevant descriptions
Electronic forms and workflows
Fill out and submit forms online, mobile or in the office
Automatically carry out input validations and completeness checksObtain system-controlled approvals from the responsible supervisors
Automatically record a comprehensible audit trail
Automatically carry out input validations and completeness checksObtain system-controlled approvals from the responsible supervisors
Automatically record a comprehensible audit trail
Live data for goal achievement and key figures
Obtain fault data and other process indicators from production systems via electronic interfaces
Evaluate KPIs and metrics for processes, divisions and products
Track progress towards target agreements (e.g. OKR or MBo) electronically
Evaluate KPIs and metrics for processes, divisions and products
Track progress towards target agreements (e.g. OKR or MBo) electronically
Low-threshold access for front line workers
Mobile access to documentation, forms, etc. for employees without a fixed office workplace (construction site, factory, sales counter)
Submit suggestions directly electronically as part of the continuous improvement process
Propose additions, bug fixes and updates to the documentation directly as an employee and have them checked and approved by those responsible via electronic workflows
Submit suggestions directly electronically as part of the continuous improvement process
Propose additions, bug fixes and updates to the documentation directly as an employee and have them checked and approved by those responsible via electronic workflows
Our platforms for implementation
Atlasian Confluence
Create and maintain documentation using interactive tools.
Beekeeper
Mobile communication with front-line employees who do not have an office workplace.
Atlassian Jira
Service portals and electronic workflows for verifiable execution of electronic processes, projects and tasks.
Excerpt of completed projects
VPN risk assessment
Articles on this topic
No items found.