Compliance-Management

In the QSEC® Compliance Management module, the norms, laws and individual requirements catalogues/specifications are evaluated based on existing questions. The maturity levels of the requirements (controls, chapters, etc.) are evaluated based on the questions answered and the related measures. The evaluations can be carried out by the assigned responsible persons in relation to specific issues.

As part of the regular assessments or self-assessments, a differentiated evaluation of the compliance status is carried out according to the requirements of the standard to be examined. The assessments can be performed for defined customer organizational units.

For existing requirements catalogs, predefined question catalogs are available. Since the regularly required evaluations are often only carried out once a year, the evaluators can use the user-friendly Compliance Wizard. The Compliance Wizard guides the user through the processing steps according to predefined processing description tools. All evaluations are historicized and can be evaluated based on compliance reports.

 

Compliance-System-QSEC

QSEC®: Compliance Management System – Wizard

In QSEC Compliance Management not only a variety of norms can be stored and evaluated but also an internal control system can be implemented.
QSEC offers the possibility to flexibly store the variety of norms and requirement catalogues and to audit them according to a structured method.

Features (excerpt)

  • Status assessment according to the Plan Do Check Act methodology (PDCA)
  • IT compliance assessment according to various approaches (including the question catalogues for the implemented rules and regulations)
  • Maturity evaluation with target/actual comparison at control level
  • Automatic, customizable resubmissions for controls
  • Definition of IT compliance target values
  • Determination of the gaps (actual/target value)
  • Generation of measures to achieve the compliance target values
  • Deposition of documents
  • Link to other standards (control-control link)
  • Creation of a Statement of Applicability (SoA) report

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology