CISO Datenschutz GmbH, based in Krefeld, provides services in the areas of data privacy and IT security. With clients across various industries in more than 15 countries worldwide, the consulting firm is dedicated to helping companies comply with and implement data privacy regulations.
Challenge
“We have absolute specialists on our team,” says Niklas Koenig, describing what sets CISO Datenschutz apart, “and also a very strong network in the field of data privacy, allowing us to provide comprehensive support to our clients.” The CISO Datenschutz team takes a highly solution- and practice-oriented approach. They hold more than 7 certifications and awards, which they have already successfully applied in over 175 process optimizations for the benefit of their clients. “As seen in developments in the U.S. and Brazil, data privacy is a German export. Multilingualism is therefore very important for our clients and, consequently, for our consulting services,” Mr. Koenig continues.
Furthermore, it is not merely a matter of simple documentation in accordance with the EU General Data Protection Regulation (GDPR). Rather, the combination of this with multi-client capability and the ability to integrate other compliance areas such as information security and auditing with data protection management is essential for the expansion of their consulting business.
Requirements for the Software Switch
CISO Data Privacy has already gained experience with other data privacy management software and therefore knows exactly which management software best supports its consulting services for clients: “We primarily focus on data privacy consulting, but we also provide external data privacy officers when requested. However, good compliance management software must be capable of more, as we also conduct audits and support our clients in the area of IT security.” All of this needs to be efficiently combined in a single software solution, explains Niklas Koenig regarding the selection criteria for data protection management software.
It was also particularly important to him to be able to work within the software alongside his clients to avoid error-prone and time-consuming email communication, including document attachments. “We were looking for a central hub for various GDPR topics because data privacy is increasingly intertwined with related fields,” says Niklas Koenig.
Implementation
Offering Future-Proof Consulting with Efficiency
Compared to other software, AKARION stood out due to its most comprehensive compliance offering, its combinable modules, and, above all, its efficient web forms and template accounts.
The CISO for data privacy views the AKARION GRC Cloud as a very powerful tool that is nevertheless easy to use thanks to its highly intuitive user interface. In addition to a brief training session on the system, the Help Center also provided support, enabling the team to get up and running quickly.
“Although we could have simply imported all our existing documentation ourselves, we wanted to take the opportunity to thoroughly review and update our existing documentation.” The CISO Data Privacy team thus used the switch from the other data privacy management software to the GRC Cloud as an opportunity to review their own documentation and standardize it where necessary.
At CISO Data Privacy, the focus currently remains on data privacy consulting. However, the Akarion GRC Cloud can scale with the business as CISO Data Privacy continues to expand its own consulting portfolio in the areas of IT security and auditing, explains Niklas Koenig. “The integration of the data privacy module and data privacy documentation with the other modules and content of the GRC Cloud makes cross-functional work even more efficient.” Niklas Koenig illustrates with a simple example that using even just one module of the GRC Cloud is a real efficiency driver: “When we acquire a new client, the AKARION Data Privacy Module of the GRC Cloud saves us more than 55% of the time required for GDPR documentation—time that we can now use to provide personalized consulting to our clients.”
But his team is now also significantly faster when it comes to existing clients. The template account helps them roll out changes, so that instead of 1 hour, they only need to spend 10 minutes on it. In addition, processing activities and technical-organizational measures can be requested from contacts with just a few clicks via web forms and transferred to the data privacy module.
One software solution for all GDPR topics
Niklas Koenig’s goal of using as few systems as possible for data privacy at CISO in the future has come a good deal closer with the Akarion GRC Cloud. “All GDPR-relevant topics can be mapped via the GRC Cloud: from the record of processing activities to data breaches and the notarization of documentation. I highly recommend the Compliance Cloud to everyone. As a data protection officer, I really don’t need any other documentation software anymore.”
