Every business activity involves risks as well as opportunities. Whether it is demanding performance promises, investments, security or compliance: systematic risk management and monitoring of the constantly changing risk situation are key factors for sustainable success.
Holistic information security and risk management
Liability, natural events, accidents or information security: By holistic risk management we mean the systematic consideration of all relevant types of risk for your organisation. The available resources for countermeasures are always limited everywhere. This makes it all the more important to maintain an overview of the risks taken at all times and to be able to derive clear priorities.
Living management systems with modern tools, not just documenting them
We support our customers in the introduction and revision of their quality or information security management systems according to the standards ISO 9001:2015 and ISO/IEC 27001:2013 and apply ISO 31000:2018 for risk management. It is of great importance to us that management systems are implemented with modern tools in such a way that they can be lived in everyday life in the company. We no longer consider the creation of a battery of Word-based process descriptions, instructions and checklists, which are available for download from a central repository or the intranet, to be timely.
What are the characteristics of a modern implementation of management systems?
In our view, this includes at least the following 4 characteristics:
Rich networking of information
all information is easily searchable via full text search
all forms and documentation are linked via hyperlinks and easily navigable
process steps in graphical representations are clickable and directly linked to the relevant descriptions
all forms and documentation are linked via hyperlinks and easily navigable
process steps in graphical representations are clickable and directly linked to the relevant descriptions
Electronic forms and workflows
Fill out and submit forms online, mobile or in the office
Automate input validations and completeness checksCollect approvals from the responsible supervisors in a system-controlled manner
Record traceable audit trail automatically
Automate input validations and completeness checksCollect approvals from the responsible supervisors in a system-controlled manner
Record traceable audit trail automatically
Live data for target achievement and key figures
Obtain defect data and other process metrics from production systems via electronic interfaces
Evaluate KPIs and metrics for processes, business units, and products
Track progress toward target agreements (e.g. OKR or MbO) electronically
Evaluate KPIs and metrics for processes, business units, and products
Track progress toward target agreements (e.g. OKR or MbO) electronically
Low-threshold access for front line staff
Mobile access to documentation, forms, etc. for employees without a fixed office workstation (construction site, factory, sales counter)
Submit suggestions directly electronically in the sense of the continuous improvement process
Suggest additions, error corrections and updates in the documentation directly as employees and have them checked and approved by the responsible persons via electronic workflows
Submit suggestions directly electronically in the sense of the continuous improvement process
Suggest additions, error corrections and updates in the documentation directly as employees and have them checked and approved by the responsible persons via electronic workflows
Our platforms for implementation
Atlasian Confluence
Creation and maintenance of documentation with interactive tools.
Beekeeper
Mobile communication with employees at the front who do not have an office workstation.
Atlassian Jira
Service portals and electronic workflows for traceable handling of electronic processes, projects and tasks.
Excerpt of realised projects
Risk assessment VPN
