plan42 > Business Solutions > IT Compliance

IT Compliance

taurus20000 & taurus27001

IT Compliance Tool taurus - Business Solutions

The Minimal-Effort Solution

IT frameworks such as ISO 20000 or ISO 270001 are by no means only an issue for global players: almost every IT organisation has become subject to all or parts of the requirements that these standards define. However, it is often tremendously time-consuming and expensive for companies to identify their compliance status and the controls they need to implement.

taurus offers a systematic and minimal-effort approach: a tool for internal compliance audits and assessments, it uses pre-defined questionnaires to derive missing controls and list them for implementation. Its centralised administration allows you to maintain an overview of your project status at any time and to coordinate cooperation across organisational levels. Perform even comprehensive projects with your internal resources – while maintaining absolute flexibility regarding audit scope and depth.

IT Compliance in 5 Steps

1 Creating Your Model

Create a model of your scope (e.g. your IT infrastructure or the services you are looking at) and define interdependencies as well as responsible groups.

2 Assigning Questions

Once you start the audit, taurus automatically assigns the relevant questions to the objects in your model and creates individual questionnaires for the responsible groups.

3 Deriving Controls

Based on the answers given, taurus identifies any areas of non-compliance. A task is created for each missing control and automatically assigned to the appropriate persons.

4 Planning Implementation

taurus allows you to estimate costs and duration for each task, thus facilitating adequate resource planning.

5 Monitoring Progress

Providing you with a number of comprehensive reporting features, taurus keeps you up-to-date regarding progress and status of your compliance project.

Your Benefits at a Glance

  • Minimal Effort:

    taurus automatically selects the appropriate questions and controls, enabling you to carry out audits with your internal resources – and without in-depth knowledge of the standard to implement.

  • Flexibility:

    Once created, you can re-audit your model at any time and adapt audit scope and depth if required. This allows you to limit re-audits to specific parts of your model and specific controls, or to add new objects quickly and easily.

  • Top-Down Approach:

    Models are created from the business perspective, which enables you to identify components crucial for value creation and thus helps you prioritise control implementation.

  • More Efficiency:

    Centralised administration in taurus facilitates cooperation between different responsibility groups and organisational levels.

Available Standards

taurus can be used with a number of different standards that are provided as individual modules. The following modules are currently available:

  • ISO 27001
  • ISO 20000
  • ITIL
  • CobiT
  • IT-Grundschutz

Upon request, we are happy to offer you a host of other frameworks as well, e.g. SAS70 for service auditors or GLP/GMP for the pharmaceutical industry. Besides, new modules may be added by the clients themselves.

Try it for Yourself

If you would like to try our free and no-obligation web demo or if you have any further questions, please feel free to contact us.