Buchholz Software

Haiko Buchholz CEO

  • Born: 1963, Rostock
  • Study: Dipl.-Ing. Communication Technology
  • self-employed since 1994
  • Certified data protection consultant (TÜV Nord)
  • Certified data protection auditor (TÜV Rheinland)
  • Certified Information Security Specialist (CISSP, ISC²)
  • Certified Information Security Officer (TÜV Nord)
  • Certified expert for information and telecommunication systems (DESAG)

From the idea to the product

The market is not saturated. It shouldn't be a problem to find software that covers both the data protection and information security needs of companies of all sizes, that serves the interests of the company and the people who work there or for whom the company works. The minimum requirements sound relatively simple:

  • Documentation of business processes
  • Recording of the relevant assets (systems, contracts, software, firmware, versions, licences, patents, buildings, knowledge, infrastructure, ...)
  • Description of the type and scope of data processing
  • Plausible, reproducible, complete risk identification (effects of errors, probability of occurrence, use of measures with justification, residual risks)
  • Processes for routine tasks and for checking the effectiveness of measures (PDCA)
  • Real-time detection and handling of vulnerabilities
  • Resilience status against various attack scenarios
  • fulfilment of the requirements for „ensuring a high common level of security of network and information systems across the Union“ (NIS 2)
  • Fulfilment of the requirements of the GDPR
  • Dovetailing of risk treatments for data protection and information security

ANYA GRC was created because there was no software on the market that could fulfil these requirements in combination.