Articles

Governance vs. compliance: How do they work together?

There are numerous benefits to considering governance and compliance as part of GRC. Read here and learn more about the opportunities.

What is data governance?

A good data governance framework ensures that data is used effectively and responsibly across the entire organization. Read and learn more about it here.

Data minimization within GDPR

Data collection must be balanced with GDPR requirements for data minimization. Learn more about what data minimization is and how it can reduce risks.

Contract management - get the most out of your contracts

All organizations have contracts, but only a few actively work with contract management. Read on and learn more about contract management.

High or low GRC maturity; how is your organization doing?

An organization's GRC maturity influences whether you work in silos or have a streamlined approach to GRC. Learn more about why a high level of maturity is important.

What is Schrems II?

Schrems II has changed the rules of the game for transatlantic data transfers. Get insights and understand the consequences for your organization.

COSO: A framework for internal control control

COSO helps organizations in designing, implementing and evaluating internal controls. Read more about the framework and its advantages here.

DPIA - When and how to conduct an Impact Assessment?

Read on for an overview of what a DPIA is, when it is required, and how to conduct an Impact Assessment.

GDPR Article 13: Information to provide when collecting personal data

Article 13 of the GDPR poses several requirements for the data controller - the so-called “right to be informed”. Read on to learn more.

General Data Protection Regulation: Obligations and rights

GDPR - the EU’s Data Protection Regulation - gives individuals rights and imposes obligations on organizations. Read on for an overview.

Incident Management: Monitoring and learning from incidents

Incident management is a crucial component of any organization. Read on to learn how you can effectively monitor incidents and learn from them.

What is an ISAE 3000 Report?

An ISAE 3000 report serves as documentation of an organization’s compliance with GDPR. It can be created for internal purposes or at the request of clients. Learn more here.

What is an ISAE 3402 Report?

An ISAE 3402 report is prepared by an auditor to assess whether an IT service provider manages IT security effectively and adheres to industry best practices.

Get started with NIS2

Achieving NIS2 compliance requires strong leadership, thorough risk assessments, and the integration of security requirements into your existing frameworks. Here's everything you need to know to get started.

CIS18 – What is it, and how can you use it?

CIS18 is an international framework designed to help organizations strengthen their cybersecurity. Read below to learn about its benefits.

ESG vs. CSR - What's the difference?

ESG and CSR are key terms in the sustainability debate. Understand what differentiates them and why it's important to know the difference.

Data Retention Policies: How long can you store personal data?

The Danish Data Protection Agency has regulations on data retention. Read about deletion policies and related issues here.

What is GDPR and how does it affect your organization?

GDPR, or General Data Protection Regulation, is the European regulation that governs data protection and privacy, taking effect on May 25, 2018.

Gain insight into the DORA regulation

DORA applies from January 17, 2025. Read on to see what the regulation entails and what it means for your organization.

What is GRC and what are the benefits of a good GRC program?

GRC is short for governance, risk and compliance and is a structured approach to organizational operations. Read along to understand the essence of GRC.

Managing Supply Chains With ISO 27001

Discover how ISO 27001 shapes supply chain management to safeguard data and enhance security. Read more for compliance strategies.

NIS2 Compliance: What does the NIS2 directive require?

Learn more about how NIS2 requirements affect internal workflows and how to implement the directive in your organization.

SoA: Statement of Applicability - What significance does it have?

An SoA is a requirement of the ISO 27001 standard. Read along and understand the role the document plays in information security.

Take advantage of GDPR's business benefits

GDPR isn't just a nuisance - it can also be a source of great business value. Read along here as we highlight three positive benefits of GDPR.

What is compliance and why is it important?

What is compliance, why is it important, and what is the purpose of following established rules and procedures? This article examines these questions.

What is governance and why is it important?

Good corporate governance ensures a strong and competitive organization. Read more about what governance is and why it is important.

ESG Reporting: Get Started With Reporting

ESG reporting serves as important insight into your organisation and increase competitiveness. Learn more and get started with ESG reporting.

What Is Policy Management, and Why Is It Important?

Policy management helps organisations keep track of relevant processes and ensures compliance with regulatory changes. Read more here.

Supply Chain Security: Get Started with Third Party Risk Management

Supply chain security and Third Party Risk Management are crucial in the EU's regulatory landscape. Read more and understand external risks.

Understanding the EU Sustainable Finance Package

EU's Sustainable Finance Package (SFP) is an key component of the EU's strategy to achieve its climate goals. Read about SFP here.

NIS2 vs. ISO 27001: Understand the connection

The NIS2 introduces new cybersecurity requirements for EU firms and indirectly for EU suppliers. Read more on ISO 27001 can help you prepare.

ISO 27001: Best practices for ensuring information security

Information security in your organization should be ensured based on ISO 27001. Read to understand how the standard can help you.

NIS2: Understanding the Network and Information Security Directive

Get an insight into the NIS2 Directive and its impact on cybersecurity. Understand the key aspects and implications of the legislation in minutes.

SFDR - The EU Sustainable Finance Disclosure Regulation

Financial institutions must adhere to a set of rules regarding sustainable reporting. The regulation is known as SFDR – learn more about what that means.

What is ESG and why is it important?

ESG (environmental, social and governance) will be inevitable in the future. Understand ESG and get ready to implement it in your organization.

The new EU Corporate Sustainability Due Diligence Directive (CSDDD)

The EU's new Corporate Sustainability Due Diligence Directive puts a focus on human rights and the environment. Read more about the CSDDD here.

What is risk management and why is it important?

Risk management is about various factors that can affect the realization of your organization's goals. Read along and learn why it's so important.

NFRD vs. CSRD - what's the difference and how does it affect you?

We take a closer look at NFRD compared to CSRD and compare the differences between the two directives, and what that essentially means for you

Key Factors for Successful Implementation of the CSRD

Discover the key factors for successfully implementing the Corporate Sustainability Reporting Directive. Start with management support and find the right tools. Learn more and get started today.

Double Materiality: What is it and what does it mean?

Double materiality recognizes that risks and opportunities can have financial and non-financial dimensions. We dive in on the topic here.

Driving the Necessary Change: Fostering a Culture of Compliance

Compliance is an ongoing process that all employees should contribute to. Read and understand why a cultural shift is necessary for success.

ESRS – understand the European Sustainability Reporting Standards

ESRS are the EU standards that describe the requirements for future sustainability reporting. Read on to understand what it's all about.

What are the benefits of an ISO standard?

ISO standards are varied, and wide-ranging and cover many different areas of business. But why are ISO standards important, and what are the benefits of working with them?

ISMS: What is it and why do you need it?

ISMS is a management system for managing information security. Read here what it is and what requirements it must meet.

Manage Your Organization's ESG Risks

Environmental, social and governance risks are critical to financial performance. Continue reading to identify and manage your organization's ESG risks.

6 reasons NOT to use Excel to get an overview of GDPR

Are you using Excel for GDPR purposes? While it has useful features, this article explains why you should refrain from doing this. Read more here.

CSRD: New EU Directive on Sustainability Reporting

The CSRD is a new EU directive that tightens organisations' sustainability reporting requirements. Learn more about it here.

What is the EU Taxonomy for for sustainable activities?

The EU taxonomy is a set of rules for when something is considered environmentally sustainable. Read on to see how it affects you.

EU Green Deal: A climate-neutral continent by 2050

The European Green Deal is the EU's main new growth strategy to transform the EU economy into a sustainable model. Read on to find out more.

CSRD solution offers a framework for compliant reporting-readiness by 2025

We are excited to announce the launch of a new CSRD software solution that offers ESG professionals an efficient implementation and governance framework.