is one of the three most important management activities. These are governance, risk management and compliance. In general corporate usage, compliance means conduct that conforms to laws, guidelines and other sector- or company-specific requirements.
As part of a company's overall compliance, IT compliance deals with adherence to the legal requirements and other guidelines that apply to the company's information technology.
Furthermore, IT compliance management concentrates not only on setting up appropriate processes, but also on documenting and controlling compliance with the provisions relevant to the company, and on making employees aware of regulatory compliance.

Main areas of compliance

The WMC consultants support you in the analysis, design and implementation of compliance requirements within the company. Our core areas: legal conformity, risks related to IT systems and IT processes and topics such as data archiving, information security, availability and data protection.

The goal of our consulting is to establish IT compliance in a process-optimized manner and to ensure compliance monitoring, which involves a status assessment according to the plan-do-check-act methodology and includes a maturity evaluation with a target/actual comparison. In this way, gaps can be identified and measures to achieve the IT compliance tasks can be optimally implemented. Following an IT compliance framework also enables the Information Security Officer (ISO) to involve all other process participants (IT production managers, risk managers, etc.) in the subject matter within the scope of their responsibilities.

References – an extract:

  • arvato systems (Bertelsmann Gruppe)
  • DVAG (Deutsche Vermögensberatung AG)
  • Germanischer Lloyd
  • Huf Hülsbeck & Fürst GmbH
  • Marquardt GmbH
  • NDR
  • Veolia Umweltservice GmbH
  • ITERGO (ERGO Konzern)

Learn more about the QSEC Compliance module

Compliance with QSEC