In general, compliance refers to the observing of applicable rules, standards or laws. Regulatory compliance characterizes goals that organisations seek to achieve in their efforts to ensure that they are aware of and take measures to comply with laws, standards or rules.
We support your compliance strategy development process in:
- Definition of targets (risk minimisation, efficiency and effectiveness maximisation) and related requirements
- Compliance Management Systems
- Prerequisites (process of compliance, culture)
- Ensuring the implementation of processes
We have extensive experience with national (IT basic protection) and international compliance standards (*SAS70, SSAE 16, Payment Card Industry Data Security Standard (PCI / PCI-DSS), CISSP (Certified Information Systems Security Professional)).
*SAS70 (Statement on Auditing Standard 70: Service Organizations) of the American Institute of Certified Public Accountants (AICPA). This standard defines how surveys, both internal and with service suppliers, have to be conducted. This standard has since been replaced by the SSAE 16 standard (USA) and is similar to the international ISAE 3402 standard.