SpotON – our blog around digital compliance in enterprises
SpotON – Digital Compliance
Read here regularly on selected topics, developments and news from the areas:
SAM & Cloud – use software legally compliant and cost-effective
IT Security & Threat Intelligence – protect the IT landscape effectively
Data & Digitization – manage digital assets across the lifecycle
Complion Insights – look behind the scenes of digital compliance consultants
20/04/2023
The importance of soft skills in consulting: What is crucial in addition to technical skills.
Professionally, we at CompliON have the most diverse backgrounds. Some team members have more classical degrees with regard to a job in IT management consulting, such as in economics and computer science. Our colleagues with a more exotic background studied e.g. history, engineering or political science. The range of our (previous) professional experience is also diverse: while some colleagues started as consultants directly after graduation, working for software manufacturers or in IT departments, others gained experience in event management, event sales, as teachers or even at the United Nations.
So what is our common denominator?
Selection of a suitable information security standard from the perspective of small and medium-sized enterprises (SMEs)
As early as 2021, the BSI classified the cybersecurity situation in Germany as "critical" in its annual report. Geopolitical changes, such as the Russian war of aggression in Ukraine, are exacerbating the dangers to which companies are exposed.
Legal and contractual requirements are also increasingly influencing information security in one's own company. Whether KRITIS VO or cyber insurance requirements – it is often necessary to prove the implementation of an information security standard. But what is that and how do you choose the right standard? Especially as an SME?
The Supply Chain Sourcing Obligations Act - A Critical Appraisal
Since this year at the latest, the Supply Chain Compliance Act has been occupying many companies and especially their risk management functions. What at first sounds long and unwieldy has been analyzed by Christian Grabner to see whether it will achieve its goal.
Everyone knows that the term backup stands for data protection and that this can prevent sleepless nights. Backup and sleepless nights, how does that fit together? Well, let me tell you a short story. Everyone has been in a situation where they would rather grab a coffee before backing up their work product. Then it happens: one rash move and the freshly brewed coffee is enjoyed by the laptop rather than by you. Enjoying is the wrong expression here. The laptop is gone... You curse at your own stupidity and spend the coming time trying to somehow recover your data. That's exactly what happened to me.
Vertrags-Compliance, IT-Sicherheit und andere Risiken
A vendor management process, a contract database, a SAM - what else can happen.
A cyber security vulnerability management system, good asset visibility, a SOC - retirement is safe.
Right?
Vendor marketplaces offering applications, application extensions and services to customers are gaining importance. Most people are very familiar with these concepts of purchasing applications or subscribing to services in cloud environments in their private life. However, the usage of these kind of marketplaces in the corporate environment is only starting to spread.
Our company is made up of people, and we want to introduce you to them over the coming weeks and months. Today we are having a chat with Lennart Hollweg, our newcomer in the area of Commercial IT Management. We'll find out what makes COMPLION tick for him, what his daily tasks are, and what he does when he's not working on customer projects.
Based on the transition into the cloud throughout the past years, a multifaceted environment with different cloud vendors or also in a hybrid mode has developed in a lot of companies. For a lot these organizations it has proven to be quite a challenge to retain cost transparency in such a complex setup and manage these environments efficiently.
IT compliance and tomorrow's National Chocolate Covered Peanuts Day (the 25th of February each year)
In honor of this day, invented, if we may trust the sources, which are not clear, 15 years ago, today we consider the exciting parallels with an area with which we are familiar, IT compliance!
Developing a concept for a knowledge management system
"Our employees are our most valuable asset" is a quite common phrase alluding to the importance of knowledge and competencies of employees. Accordingly, every organization should strive to achieve a high level of knowledge and competence in a company. But how can it influence the degree of this level?
Gedanken zum internationalen "Ändere dein Passwort" Tag
It's that time again. The international "change your password" day has arrived, and users are encouraged to rotate their passwords. But is that even necessary anymore? Our IT security expert Tobias Philipsen has some thoughts on the topic of password rotation. So find out if you should change your password today in this blog post.
Our team is scattered all over Germany and now even as far as Vienna, so our annual get-togethers in the real world are always a highlight. This time we planned the start of the year in the snow. However, due to the high temperatures, even in the Alps, we had to reschedule from SnowOn to a NoSnowOn.
