Compliance Aspekte is a practical governance, risk and compliance software designed to help organizations achieve, maintain, and manage compliance across various standards and regulations. It provides an integrated compliance solution and facilitates key processes like asset structure analysis, compliance checks, risk management, data analysis, and report generation.

The system can support multiple information security and data protection standards, including BSI IT Grundschutz, ISO 27001/2, ISO 27019, GDPR/DSGVO, TISAX®, ASPICE®, ISO 21434, UNECE WP.29, KRITIS, B3S, ISO 22301, BSI 200-4, ISO 9001, ISO 14001, VW KGAS.

Use cases of Compliance Aspekte: Enhancing compliance for auditors, managers, and consultants

1. Internal compliance management

Compliance officers and IT security teams use Compliance Aspekte to ensure their organizations meet various industry standards. By inputting processes into the system, they can track progress toward compliance. The tool helps prepare for audits by storing all necessary information, such as audit results, and allows comparison between different audits.

2. Internal audits

Internal auditors and compliance managers use Compliance Aspekte to assess whether departments or projects adhere to standards and internal regulations. The system helps auditors monitor compliance across complex or large organizations.

3. Subcontractor compliance assessment

Procurement managers and compliance officers rely on Compliance Aspekte to verify subcontractor qualifications and regulatory compliance, ensuring accountability and reducing third-party risk before collaboration begins.

4. Managing compliance consulting services

Consultants use Compliance Aspekte to offer centralized compliance services to clients, allowing both parties to track tasks and progress efficiently. The platform enhances collaboration for consulting firms and external auditors.

Compliance Aspekte for Microsoft Azure-based infrastructures

Compliance Aspekte allows organizations building ISMS and DPMS around their Azure IT-infrastructure:

· Extracting essential information about IT assets from Azure like virtual machines, applications, services, users, etc.

· Assigning requirements and relevant threats from BSI C5, BSI IT Grundschutz, ISO/IEC 27001, and other regulations to Azure IT assets, enabling compliance and risk management.

· Monitoring changes in Azure IT infrastructure, creates summaries, and notifies responsible parties of changes

· Logically connecting assets to create dependency graphs to manage business continuity