CRISAM® is a method-based GRC standard solution for the areas of Enterprise Risk Management, Information Risk Management, Data Protection Management and Compliance & Policy Management. Every industry has its own requirements and CRISAM® offers versatile possibilities for your company as well.
Companies are guided by standards, regulations and best practices. They are either obliged to do so and are audited by an authorized body, or they bind themselves voluntarily in order to communicate compliant behavior. Very often, it is more than just a compliance reference against which compliance must be demonstrated. For example, IT is measured, audited and reviewed against the references ISO 27001, ISO 20000, COBIT, SOX as well as applicable laws.
At the same time, different industries require different compliance proofs. In specific industries, additional supplementary audit frameworks are required. To ensure that this compliance evidence is up-to-date and can be provided with reasonable effort, CRISAM® automatically derives the compliance evidence from the underlying content libraries and presents the level of compliance in reports and in the CRISAM® Dashboard. As content libraries are updated, specific customer requirements are met, and new standards are released, support is continuously updated and expanded.
CRISAM® is used by a wide variety of companies and organizations. In particular, these are companies classified as critical infrastructure (CRITIS) or industries known for their increased requirements, such as AUTOMOTIVE, FINANCE, HEALTH and ENERGY. Due to the extensive content available with CRISAM®, compliance can be checked for the following IT standards, among others:
What else is there…
|
