{"id":1365,"date":"2025-12-07T11:37:23","date_gmt":"2025-12-07T10:37:23","guid":{"rendered":"https:\/\/buchholz-software.de\/risikomanagement\/"},"modified":"2025-12-07T11:37:58","modified_gmt":"2025-12-07T10:37:58","slug":"risk-management","status":"publish","type":"page","link":"https:\/\/buchholz-software.de\/en\/risikomanagement\/","title":{"rendered":"Risk management"},"content":{"rendered":"<div data-elementor-type=\"wp-page\" data-elementor-id=\"1365\" class=\"elementor elementor-1365\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-9f63f31 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"9f63f31\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-58 elementor-top-column elementor-element elementor-element-7d80df5\" data-id=\"7d80df5\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-3f16a40 elementor-widget elementor-widget-text-editor\" data-id=\"3f16a40\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"anyva-eyebrow\">Risk Management \u00b7 GRC<\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4aeb899 elementor-widget elementor-widget-heading\" data-id=\"4aeb899\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">To systematically identify, assess, and demonstrably manage risks<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fbe2538 elementor-widget elementor-widget-text-editor\" data-id=\"fbe2538\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"color:rgba(255,255,255,0.75);font-size:1.05rem;max-width:520px\">ANYVA supports integrated risk management for data protection and information security \u2013 based on real process and asset data, with traceable documentation and a direct link to the Data Protection Impact Assessment (DPIA).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-52a2da3 elementor-widget elementor-widget-text-editor\" data-id=\"52a2da3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div style=\"display:flex;flex-wrap:wrap;gap:12px;margin-top:8px\">\n<a href=\"https:\/\/buchholz-software.de\/en\/contact-us\/\" style=\"background:#1A4B8C;color:#fff;padding:11px 22px;border-radius:6px;font-weight:600;font-size:0.875rem;text-decoration:none;display:inline-block\">Arrange a demo<\/a>\n<a href=\"https:\/\/buchholz-software.de\/en\/anyva-grc\/\" style=\"background:rgba(255,255,255,0.07);color:rgba(255,255,255,0.85);padding:11px 22px;border-radius:6px;font-weight:600;font-size:0.875rem;text-decoration:none;display:inline-block;border:1px solid rgba(255,255,255,0.14)\">View all modules<\/a>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-42 elementor-top-column elementor-element elementor-element-9b5b7c9\" data-id=\"9b5b7c9\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-799f900 elementor-widget elementor-widget-text-editor\" data-id=\"799f900\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div style=\"background:rgba(255,255,255,0.05);border:1px solid rgba(255,255,255,0.1);border-radius:12px;padding:24px\">\n<p style=\"color:#0EA5E9;font-size:0.72rem;font-weight:700;letter-spacing:0.1em;text-transform:uppercase;margin-bottom:14px\">Scope of functionality<\/p>\n<ul style=\"list-style:none;padding:0;margin:0\"><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>Risk identification from processes<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>Assessment of entry and impact<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>Risk Mitigation Plan &amp; Measures<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>Link to Assets &amp; Vulnerabilities<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>DSFA-Integration<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>PDCA &amp; Effectiveness Control<\/li><li style=\"padding:7px 0;border-bottom:1px solid rgba(255,255,255,0.07);color:rgba(255,255,255,0.82);font-size:0.875rem\"><span style=\"color:#10B981;margin-right:8px\">\u2713<\/span>Audit trail for all decisions<\/li><\/ul><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-802c1d1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"802c1d1\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1c85318\" data-id=\"1c85318\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-dd0ca0a elementor-widget elementor-widget-text-editor\" data-id=\"dd0ca0a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"anyva-eyebrow\">The approach<\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-73ebf7c elementor-widget elementor-widget-heading\" data-id=\"73ebf7c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Risks from the context \u2013 not from manual estimates<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a056d43 elementor-widget elementor-widget-text-editor\" data-id=\"a056d43\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"color:#64748B;max-width:640px\">In many organisations, risk registers are created through manual estimates in Excel spreadsheets \u2013 with no connection to real-world processes or technical systems. ANYVA directly links risks to the processes, assets, and vulnerabilities from which they arise.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-6f55082\" data-id=\"6f55082\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5ba4dc7 elementor-widget elementor-widget-text-editor\" data-id=\"5ba4dc7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">\ud83d\udd04<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">Risks from processes<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">Business processes are the starting point. Risks arise directly from captured processes, data flows, and system dependencies \u2013 no manual single estimation.<\/p><\/div><\/div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">Scales<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">Structured assessment<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">Probability of occurrence, extent of damage, and risk strategy are systematically recorded \u2013 jointly for data protection and IT security risks.<\/p><\/div><\/div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">\ud83d\udd17<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">Linked risk chain<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">IT risks affect data protection risks. Vulnerabilities affect asset risks. ANYVA maps the complete risk chain \u2013 in both directions.<\/p><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-cd8a7ef\" data-id=\"cd8a7ef\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5a86a6a elementor-widget elementor-widget-text-editor\" data-id=\"5a86a6a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">\ud83d\udccb<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">Risk Mitigation Plan<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">For each risk, measures, responsible persons and deadlines can be defined. PDCA ensures that effectiveness is demonstrably checked.<\/p><\/div><\/div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">\ud83d\udd0d<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">DSFA-Integration<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">Data protection risks are incorporated directly into the DPIA \u2013 no double assessment, no manual transfer between systems.<\/p><\/div><\/div><div style=\"display:flex;gap:16px;padding:18px 0;border-bottom:1px solid #E2E8F0\">\n<div style=\"font-size:1.5rem;flex-shrink:0;margin-top:2px\">\ud83d\udcca<\/div>\n<div><strong style=\"color:#0A1628;display:block;margin-bottom:4px;font-size:0.925rem\">Audit-Trail<\/strong>\n<p style=\"color:#64748B;font-size:0.85rem;line-height:1.6;margin:0\">All risk assessments and decisions are documented with timestamps and origin \u2013 for internal and external audits.<\/p><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-ca2664f elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"ca2664f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-55 elementor-top-column elementor-element elementor-element-e974bdb\" data-id=\"e974bdb\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-65bfa35 elementor-widget elementor-widget-text-editor\" data-id=\"65bfa35\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"anyva-eyebrow\">Integrated Risk Model<\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bb93260 elementor-widget elementor-widget-heading\" data-id=\"bb93260\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">A data protection and information security risk register<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a9ece11 elementor-widget elementor-widget-text-editor\" data-id=\"a9ece11\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"color:#64748B\">Instead of two separate risk registers for DSMS and ISMS, ANYVA works with a unified model \u2013 risks are assessed once and apply to both disciplines.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-305e189 elementor-widget elementor-widget-text-editor\" data-id=\"305e189\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div style=\"background:#F8FAFC;border-radius:12px;padding:24px;border:1px solid #E2E8F0\"><p style=\"font-weight:700;color:#0A1628;margin-bottom:12px;font-size:0.9rem\">This means specifically:<\/p><ul style=\"list-style:none;padding:0;margin:0\"><li style=\"padding:8px 0;border-bottom:1px solid #E2E8F0;font-size:0.875rem;color:#374151;display:flex;gap:8px\"><span style=\"color:#1A4B8C;flex-shrink:0\">\u2192<\/span>A risk register instead of two separate lists<\/li><li style=\"padding:8px 0;border-bottom:1px solid #E2E8F0;font-size:0.875rem;color:#374151;display:flex;gap:8px\"><span style=\"color:#1A4B8C;flex-shrink:0\">\u2192<\/span>Risks from processes, assets and vulnerabilities automatically linked<\/li><li style=\"padding:8px 0;border-bottom:1px solid #E2E8F0;font-size:0.875rem;color:#374151;display:flex;gap:8px\"><span style=\"color:#1A4B8C;flex-shrink:0\">\u2192<\/span>Measures act simultaneously in DSMS and ISMS<\/li><li style=\"padding:8px 0;border-bottom:1px solid #E2E8F0;font-size:0.875rem;color:#374151;display:flex;gap:8px\"><span style=\"color:#1A4B8C;flex-shrink:0\">\u2192<\/span>Full audit trail for audits and authorities from one system<\/li><\/ul><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-45 elementor-top-column elementor-element elementor-element-30d5165\" data-id=\"30d5165\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-065d9c2 elementor-widget elementor-widget-text-editor\" data-id=\"065d9c2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<span class=\"anyva-eyebrow\">Relevant Requirements<\/span>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-59f1d4e elementor-widget elementor-widget-text-editor\" data-id=\"59f1d4e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div style=\"display:flex;flex-direction:column;gap:10px;margin-top:8px\">\n<div style=\"padding:14px 16px;background:#F8FAFC;border:1px solid #E2E8F0;border-radius:10px\">\n  <strong style=\"color:#0A1628;font-size:0.875rem\">GDPR Article 35<\/strong>\n  <p style=\"color:#64748B;font-size:0.8rem;margin:4px 0 0\">Risk-based Data Protection Impact Assessment \u2013 Risk assessment as a structured basis for DPIA.<\/p>\n<\/div>\n<div style=\"padding:14px 16px;background:#F8FAFC;border:1px solid #E2E8F0;border-radius:10px\">\n  <strong style=\"color:#0A1628;font-size:0.875rem\">ISO 27001 Chapter 6<\/strong>\n  <p style=\"color:#64748B;font-size:0.8rem;margin:4px 0 0\">Risk analysis as a core ISMS element \u2013 structured, traceable, and linked to the Statement of Applicability.<\/p>\n<\/div>\n<div style=\"padding:14px 16px;background:#F8FAFC;border:1px solid #E2E8F0;border-radius:10px\">\n  <strong style=\"color:#0A1628;font-size:0.875rem\">NIS-2<\/strong>\n  <p style=\"color:#64748B;font-size:0.8rem;margin:4px 0 0\">Risk management as a duty for essential and important institutions \u2013 including supply chains and technical systems.<\/p>\n<\/div>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-risk_flow_sec elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"risk_flow_sec\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-risk_flow_col\" data-id=\"risk_flow_col\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-risk_flow_w elementor-widget elementor-widget-text-editor\" data-id=\"risk_flow_w\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"anyva-eyebrow\">Dynamic Risk Mapping<\/p>\n<h2>Vulnerabilities, processes, and risks are mutually influential.<\/h2>\n<p style=\"color:#64748B;font-size:1rem;max-width:700px;margin-bottom:0\">ANYVA does not separate risk management from operational processes. Technical vulnerabilities and process changes have a direct impact on the risk assessment.<\/p>\n<div class=\"anyva-flow anyva-flow--light\" style=\"margin-top:2rem\">\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Desktop computer<\/div>\n<div class=\"anyva-flow-title\">Technical Service<\/div>\n<div class=\"anyva-flow-desc\">Assets recorded and maintained in the ISMS<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">\ud83d\udd0d<\/div>\n<div class=\"anyva-flow-title\">Vulnerability<\/div>\n<div class=\"anyva-flow-desc\">CVE automatically assigned to the service<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Files<\/div>\n<div class=\"anyva-flow-title\">Process affected<\/div>\n<div class=\"anyva-flow-desc\">Affected business process identified<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">\u26a0\ufe0f<\/div>\n<div class=\"anyva-flow-title\">Risk updated<\/div>\n<div class=\"anyva-flow-desc\">Risk rating for ISMS and DSMS recalculated<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Shield<\/div>\n<div class=\"anyva-flow-title\">Measure derived<\/div>\n<div class=\"anyva-flow-desc\">TOM or Measure with Efficacy Check<\/div>\n<\/div>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-risk_scen_sec elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"risk_scen_sec\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-risk_scen_col\" data-id=\"risk_scen_col\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-risk_scen_w elementor-widget elementor-widget-text-editor\" data-id=\"risk_scen_w\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p class=\"anyva-eyebrow\">Practical scenario<\/p>\n<h2>What happens when new legal requirements come into force?<\/h2>\n<p style=\"color:#64748B;font-size:1rem;max-width:700px;margin-bottom:1.5rem\">New requirements from NIS-2 or a GDPR decision \u2013 and how ANYVA visualises their impact on existing risks.<\/p>\n<div class=\"anyva-flow anyva-flow--light\">\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Scales<\/div>\n<div class=\"anyva-flow-title\">Requirement captured<\/div>\n<div class=\"anyva-flow-desc\">New legal obligation set up as a requirements module<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Files<\/div>\n<div class=\"anyva-flow-title\">Processes assigned<\/div>\n<div class=\"anyva-flow-desc\">Affected business processes automatically identified<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">\u26a0\ufe0f<\/div>\n<div class=\"anyva-flow-title\">Risks assessed<\/div>\n<div class=\"anyva-flow-desc\">Existing risk assessments checked for currency<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">Shield<\/div>\n<div class=\"anyva-flow-title\">Gaps identified<\/div>\n<div class=\"anyva-flow-desc\">Missing measures and open requirements made visible<\/div>\n<\/div>\n<div class=\"anyva-flow-step\">\n<div class=\"anyva-flow-icon\">\ud83d\udccb<\/div>\n<div class=\"anyva-flow-title\">Implementation documented<\/div>\n<div class=\"anyva-flow-desc\">Measures derived, implemented, effectiveness checked<\/div>\n<\/div>\n<\/div>\n<p style=\"color:#64748B;font-size:0.875rem;margin-top:1.25rem;max-width:680px\">Without ANYVA: Requirements in tables, manual reconciliation with existing measures, lack of traceability. With ANYVA: Structured process, complete proof.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-997d15e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"997d15e\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-bbab160\" data-id=\"bbab160\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1c7cfe3 elementor-widget elementor-widget-heading\" data-id=\"1c7cfe3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Build up risk management in a structured way<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1a413f1 elementor-widget elementor-widget-text-editor\" data-id=\"1a413f1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p style=\"text-align:center;color:rgba(255,255,255,0.7);max-width:500px;margin:0 auto 20px;font-size:0.95rem\">In a demo, we'll show you how ANYVA integrates risk management into your GRC process \u2013 from initial assessment to audit evidence.<\/p>\n<div style=\"text-align:center\">\n<a href=\"https:\/\/buchholz-software.de\/en\/contact-us\/\" style=\"background:#1A4B8C;color:#fff;padding:11px 24px;border-radius:6px;font-weight:600;font-size:0.875rem;text-decoration:none;display:inline-block;margin-right:10px\">Arrange a demo<\/a>\n<a href=\"https:\/\/buchholz-software.de\/en\/anyva-grc\/\" style=\"color:rgba(255,255,255,0.75);padding:11px 16px;border-radius:6px;font-weight:600;font-size:0.875rem;text-decoration:none;display:inline-block;border:1px solid rgba(255,255,255,0.15)\">View platform<\/a>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1365","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/1365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/comments?post=1365"}],"version-history":[{"count":4,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/1365\/revisions"}],"predecessor-version":[{"id":1407,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/1365\/revisions\/1407"}],"wp:attachment":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/media?parent=1365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}