fuentis GRC Suite
Compliance Implementation. Documentation. Monitoring.
The fuentis GRC Suite offers you an integrated system for the structured implementation, monitoring and documentation of your information security.
Especially for organizations that apply BSI IT-Grundschutz, the fuentis GRC Suite with integrated modules for ISMS, BCMS and DPMS is the ideal solution - for public authorities, large companies and institutions.
Holistic solution for information security
The fuentis GRC Suite enables efficient information security management and effective risk management by integrating all your organizational information and data into one central system. This holistic view enables you to optimize your compliance processes, manage them successfully and achieve sustainable results.
The fuentis GRC Suite makes it easier for you to implement management processes and controls, leading to improved workflow design. With comprehensive and effective risk management, including emergency plans, you are well-prepared.
Why the fuentis GRC Suite?
- Integration of all functions and data. Centralize your information security for maximum efficiency.
- Optimized information security. Increase success and sustainability through improved processes.
- Effective risk management. Protect your company with holistic strategies and emergency plans.
- Simplified processes and controls. Simplify processes and increase productivity.
- Adherence to compliance requirements. Easily meet all legal and business requirements.
All-In-One Compliance solution
The fuentis GRC Suite offers you a modular and integrative solution which combines various management systems and standards on a single platform.
Flexibly cover all aspects of information security: Start by setting up an information security management system (ISMS) and extend it as required with business continuity management (BCMS) and data protection management (DPMS). Thanks to its modular expandability, the fuentis GRC Suite easily adapts to your requirements, while you benefit from the synergy effects of the standardized database, the fuentis CMDB module.
- Risk management. Only take demonstrably acceptable risks based on recognized standards.
- Information security management. Protect your information appropriately against loss of confidentiality, integrity and availability in accordance with ISO 27001/27002 and BSI IT-Grundschutz.
- Compliance management. Ensure compliance with legal, civil and internal requirements.
With the fuentis GRC Suite, you integrate all these systems seamlessly and control them centrally. This facilitates the implementation of efficient processes and controls, improves your risk management and ensures compliance with all regulatory requirements.
Tried and tested usability for your compliance management
The fuentis GRC Suite impresses with its proven usability, which enables intuitive and efficient operation. Easily record your IT systems, applications, networks and other relevant information. With the modeling and the layer model according to BSI IT-Grundschutz, you can structure your information security optimally.
The fuentis GRC Suite facilitates your compliance process and enables the management of multiple security concepts in one tool. Thanks to network capability, multi-client capability and bilingualism (German/English), the software adapts flexibly to your requirements. Functions such as history management at field level, simple database updates and the import function for databases from third-party ISMS tools make your day-to-day work easier.
With regular updates to the BSI IT-Grundschutz compendium, you are always up to date. Rely on a proven solution that impresses with user friendliness and extensive functions.
Versatile features for your information security
The fuentis GRC Suite makes it easier for you to introduce, manage and continuously optimize effective mechanisms and procedures in accordance with the PDCA cycle (Plan-Do-Check-Act). This is how you ensure information security within your organization.
The fuentis GRC Suite supports a variety of standards and regulations, including:
The fuentis GRC Suite is designed for seamless integration with the fuentis CMDB and further modules such as the data protection management system (DPMS) or the business continuity management system (BCMS). In addition, the fuentis document management system (DMS) is integrated for document control.
The fuentis GRC Suite helps you to make your information security management effective and keep it up to date at all times.
Governance, Risk & Compliance Management has a new name. fuentis GRC Suite.
The fuentis GRC Suite provides you with an integrated management system with a holistic methodology. You decide flexibly whether you are looking for IT-Grundschutz, ISO 27001 or both standards - industry standards and internal catalogs are also easy to implement.
The central database covers all organizational areas and can be individually expanded with specific security and management modules such as ISMS, emergency management, data protection management and document control.
Developed according to the security concept and procedure of BSI IT-Grundschutz, the fuentis Suite is the technical successor to the GSTool - for future-proof information security in your company.
Expertise at the touch of a button
The convenient way to the next audit
Functions & advantages of the fuentis GRC Suite
The most important functions and advantages of the fuentis Suite, from the central data hub (CMDB module) and information security management (ISMS module) to data protection management (DSMS module) and emergency management (BCMS module)
IT inventory management - the easiest way to BSI IT-Grundschutz, from preparation to implementation.
Create security concepts according to ISO 27001 and BSI IT-Grundschutz
Plan and execute risk analyses (compliance, risk management)
Control documents and records
Plan and perform internal audits
Plan and implement business continuity management
Data protection management, e.g. by generating procedure directories and documenting prior checks and data protection audits
Classification of information, processes, suppliers, etc. For example, according to security, risk, compliance and data protection aspects
Visual data modeling and extensive evaluations for processes, organization, IT, infrastructure, etc.
Find out more about the modules now.
BCMS
Effective IT emergency management requires a planned and organized approach to IT emergencies. With the fuentis GRC Suite, you are optimally prepared for all eventualities.
DPMS
Secure data protection requires detailed safeguards and a versatile data protection management system. With the fuentis GRC Suite, data protection officers have the EU GDPR securely under control.
CMDB
The fuentis GRC Suite bundles all the organisation's data and information in a central, powerful database. Ideal for inventorying assets in accordance with the IT Infrastructure Library (ITIL).
Manage and verify security catalogues with fuentis ISMS
The fuentis GRC Suite offers all the important building blocks to map legal standards, regulations and guidelines, link requirements and demonstrate effective measures.
Clear, up-to-date and free of redundancies - always in real time.
Standards & Catalogues
Find out which standards and catalogues you can implement with the fuentis GRC Suite.
BSI Grundschutz
Find out more about the BSI standards now.
ISO 27001
Find out more about ISO 27001 now.
KRITIS
Simply fulfil NIS2 and KRITIS. Find out more now.
TISAX
Find out more about the industry standard.
SOC2
Find out more about the cloud and SaaS standard.
Standard not included?
Find out more about other standards in a personal discussion with our experts today.
Frequently asked questions
How is an ISMS established?
To set up an ISMS, the first step is to define the scope in which information security management is to be operated. Then the business processes, assets and information requiring protection are identified as part of a structural analysis. Assets in an ISMS include software, hardware, network, rooms, buildings, physical facilities, and interfaces to customers and service providers.
The best way to develop the structure of the ISMS is to work out an infrastructure network plan together with the departments involved.
How are security risks dealt with in an ISMS?
Risks to information security, in the form of vulnerabilities and possible threats to assets worthy of protection, are determined and identified in a structured manner in a risk analysis process of the ISMS.
Depending on the chosen risk treatment (e.g., reduction of the probability of occurrence or reduction of the impact of damage), defined measures can be assigned to the assets in the ISMS. These are prioritized and compiled in summary form in a risk treatment plan.
Can the BSI IT-GS Compendium be updated for each security concept?
It is possible to update to a new edition of the BSI IT-Grundschutz Kompendium (GSK) for each individual security concept or information network, for example if different certification schedules are planned.
Can the BSI IT-GS Compendium be updated for each security concept?
The test questions of the BSI IT-Grundschutz Compendium (GSK) can be provided, including annual updates with the compendium, so that the status of requirements can then be derived automatically from the answers to the test questions.
What does ISMS mean? What does ISMS stand for?
In simplified terms, compliance means legal conformity, i.e. the observance of legal provisions and regulations by organizations or companies. In a broader sense, compliance is understood to mean the observance of and adherence to established rules of conduct within the framework of the social value system - key words being professional ethics, social responsibility, environmental protection.
Are there specifications for an ISMS?
In principle, companies and organizations are free to decide how to set up their ISMS. The information security standard ISO 27001 defines the requirements and procedures for certifying an ISMS.
In addition, ISO 27002 offers concrete recommendations for implementing an effective ISMS.
What does a PDCA cycle look like in an ISMS?
The operation of an ISMS is to be understood as a regular operation in which monitoring and reporting are to be implemented. In addition to internal/external audits, a continuous improvement process should be established in the form of a Plan-Do-Check-Act (PDCA) cycle. In the PDCA cycle, the conclusions drawn from verified measures are decisive for further action. The fuentis ISMS generates valuable findings even for complex systems to be controlled.
Are test questions from the BSI IT-Grundschutz Kompendium (GSK) made available?
Does the fuentis ISMS module offer a referencing function?
The referencing function in the context of modeling can be performed not only on entire building blocks but also on individual requirements or measures. In addition, modules, requirements or measures from other scopes can be referenced.
Does the tool offer the possibility of an audit-proof dual control principle?
A four-eyes principle (workflow steps: capture, approval, reopening, rejection) can be used for the phases protection requirements assessment, modeling/IT-GS check and risk analysis. The role concept can define which users are allowed to perform which workflow steps. Audit-compliant documentation of the individual steps is provided in the form of tables and reports.
Is there assistance available for the protection needs assessment (SBF)?
The protection requirement can be determined with the help of an individual SBF questionnaire. Several questions can be set for the protection objective (confidentiality, integrity, availability and others) to determine the protection requirement.
Which IT security catalogs can be mapped in the fuentis Suite?
A flexible, comprehensive catalog manager lets you apply, in addition to standards such as BSI IT-GS, ISO 2700x, C5, KRITIS (B3S), TISAX, BAIT, VAIT, KAIT, etc., your own catalogs consisting of building blocks, requirements, measures, vulnerabilities, damage scenarios and SBF questionnaires in the IT security concepts.
Can building blocks, requirements, measures and risks be displayed in the dashboard?
In the dashboard, reports are provided for analyzing the implementation of building blocks, tasks, measures, and hazards (or risks), among others, per scope, object, responsible party, priority, classification level, budget, and security level.
You can configure the dashboard.