Companies are guided by standards, regulations and best practices. Either they are obliged to follow them and are checked by an authorized body, or they commit to them voluntarily in order to demonstrate rule-compliant behavior. Very often there is more than one reference against which compliance must be demonstrated. For example, IT is measured, audited and reviewed against ISO 27001, ISO 20000, COBIT, SOX and applicable laws.
At the same time, different industries require different proof of compliance, and specific industries require additional, supplementary audit frameworks. To ensure that this compliance evidence is up to date and can be provided with reasonable effort, CRISAM® automatically derives it from the underlying content libraries and displays the degree of compliance in reports and in the CRISAM® dashboard. Support is continually updated and expanded as content libraries are updated, specific customer requirements are met, and new standards are released.
CRISAM® is used by a wide variety of companies and organizations. In particular, these are companies assessed as critical infrastructure (CRITIS) or industries known for their increased requirements, such as AUTOMOTIVE, FINANCE, HEALTH and ENERGY. Due to the extensive content available with CRISAM®, compliance can be checked for the following IT standards, among others.
What else is there?