SpotON – our blog around digital compliance in enterprises
SpotON – Digital Compliance
Read here regularly on selected topics, developments and news from the areas:
SAM & Cloud – use software legally compliant and cost-effective
IT Security & Threat Intelligence – protect the IT landscape effectively
Data & Digitization – manage digital assets across the lifecycle
Complion Insights – look behind the scenes of digital compliance consultants
01/06/2023
Success factors for the introduction of holistic IT provider management
IT Provider Management defines and coordinates the strategic selection, relationship building, and operational communication and interaction with (strategic) IT providers on functional, technical, and commercial topics. This includes all IT-related services in the areas of commodities (e.g., hardware, standard software), managed services, and consulting. The focus is on the needs-based and risk-oriented selection of providers. A holistic approach increases the efficiency and effectiveness of IT provider management. But how does the introduction of holistic IT provider management succeed? In this blog post, we would like to present the most important success factors.
Our company is made up of people and we want to introduce them to you in the coming weeks and months. Today we are chatting with Stephanie Riesebeck, Co-founder of Complion. We'll find out what makes COMPLION means to her, what her daily tasks are, and what she does when she's not working on customer projects.
The importance of IT asset management in cost-saving programs
IT asset management is the efficient administration of IT assets over the entire lifecycle, such as software, hardware and cloud resources. The goals of IT asset management in addition to asset tracking to achieve transparency, are the cost-efficient use of IT resources and the reduction of IT risks (e.g. within license management or IT security).
The use of Microsoft 365 product suites is now widespread. Since the beginning of the year, Microsoft has been offering new online services on an almost monthly basis, for which additional licenses can be purchased in addition to the M365 plans - even to M365 E5. The question quickly arises whether Microsoft might not bundle these services into an M365 E7 in the future. This article summarizes recent developments and looks ahead to a possible E7 license.
ChatGPT: The software that can do everything? Functional scope as well as opportunities and risks for companies
The topic of artificial intelligence is currently on everyone's lips - but it is far from new. The "logic theorist" was programmed in 1956 as the first "AI software" by John McCarthy to verify mathematical proofs or to develop new mathematical proofs, which he also succeeded in doing.
With ChatGPT, a "disruptive" revolution in work is at the gates, accompanied by as many outcries and cries of doom as the Internet or Blockchain delivered in their turn. At the beginning it is important to know what the program does at all and what it can do in its current version 4.
"Entering the professional world as a management consultant?" is a move I would make again!
After 15 years in consulting in the area of software governance, risk and compliance, I was asked the question of what challenges (or perhaps even fears?) I had to overcome back then when I started my career. Thinking about it a bit, I can now say that these were mainly due to preconceptions such as long travel times, lots of overtime, and strong pressure to perform.
The importance of soft skills in consulting: What is crucial in addition to technical skills.
Professionally, we at CompliON have the most diverse backgrounds. Some team members have more classical degrees with regard to a job in IT management consulting, such as in economics and computer science. Our colleagues with a more exotic background studied e.g. history, engineering or political science. The range of our (previous) professional experience is also diverse: while some colleagues started as consultants directly after graduation, working for software manufacturers or in IT departments, others gained experience in event management, event sales, as teachers or even at the United Nations.
So what is our common denominator?
Selection of a suitable information security standard from the perspective of small and medium-sized enterprises (SMEs)
As early as 2021, the BSI classified the cybersecurity situation in Germany as "critical" in its annual report. Geopolitical changes, such as the Russian war of aggression in Ukraine, are exacerbating the dangers to which companies are exposed.
Legal and contractual requirements are also increasingly influencing information security in one's own company. Whether KRITIS VO or cyber insurance requirements – it is often necessary to prove the implementation of an information security standard. But what is that and how do you choose the right standard? Especially as an SME?
The Supply Chain Sourcing Obligations Act - A Critical Appraisal
Since this year at the latest, the Supply Chain Compliance Act has been occupying many companies and especially their risk management functions. What at first sounds long and unwieldy has been analyzed by Christian Grabner to see whether it will achieve its goal.
Everyone knows that the term backup stands for data protection and that this can prevent sleepless nights. Backup and sleepless nights, how does that fit together? Well, let me tell you a short story. Everyone has been in a situation where they would rather grab a coffee before backing up their work product. Then it happens: one rash move and the freshly brewed coffee is enjoyed by the laptop rather than by you. Enjoying is the wrong expression here. The laptop is gone... You curse at your own stupidity and spend the coming time trying to somehow recover your data. That's exactly what happened to me.
Vertrags-Compliance, IT-Sicherheit und andere Risiken
A vendor management process, a contract database, a SAM - what else can happen.
A cyber security vulnerability management system, good asset visibility, a SOC - retirement is safe.
Right?
Vendor marketplaces offering applications, application extensions and services to customers are gaining importance. Most people are very familiar with these concepts of purchasing applications or subscribing to services in cloud environments in their private life. However, the usage of these kind of marketplaces in the corporate environment is only starting to spread.
