{"id":339,"date":"2024-07-18T13:58:59","date_gmt":"2024-07-18T11:58:59","guid":{"rendered":"https:\/\/buchholz-software.de\/?page_id=339"},"modified":"2024-07-26T14:34:26","modified_gmt":"2024-07-26T12:34:26","slug":"anyva","status":"publish","type":"page","link":"https:\/\/buchholz-software.de\/en\/anyva\/","title":{"rendered":"Anyva"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Anyva GRC Suite<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Anyva GRC Suite <\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Data protection<\/strong><\/span><\/h3>

\u2705 Data protection organisation<\/strong>
(user and rights management, responsibilities, risk status, implementation status, evaluations, checklists, tickets, task overview, audits, error lists, appointments, reports, guidelines, manuals, concepts, objectives, training and further training, deletion concepts, PDCA cycles, confidentiality agreements, document control)<\/p>

\u2705Register of processing activities (VVT)<\/strong>
(responsibility, description, legality, purposes, purpose limitation, deletion rules, forwarding, data and person categories, DSFA threshold value analysis, systems used and security of processing, processing status, status of order processing, risk status, TOM, checks, deadlines, tasks, tickets, numerous templates and templates, link to external documents, report\/export to PDF, DOCX, XLSX, HTML, ...)<\/p>

\u2705 Data protection impact assessment (DPIA)<\/strong>
(Description, delimitation, purposes, information diagram, network diagram, requirement modules, affected warranty objectives, individual requirements with risks and effects, TOM, description of the effect, probabilities of occurrence, risk matrices with and without TOM, residual risk, open measures, deadlines, tickets, reviews, DPO statement, PDCA cycles, link to external documents, report\/export to PDF, DOCX, XLSX, HTML, ...)<\/p>

\u2705 Data Protection Officer (DPO)<\/strong>
(appointment and proof of notification, proof of expertise, conflicts of interest, statements, training and consultations, time recording, minutes of meetings, correspondence with authorities and affected persons, deadline tracking, audit logs with error lists and processing statuses) <\/p>

\u2705 Persons concerned<\/strong>
(recording complaints and exercising rights, documentation of identifications, information, corrections, deletions, objections, transfer requests, logging and tracking of deadlines, communication with data subjects, consent management) <\/p>

\u2705 Data breaches<\/strong>
(documentation, notification to supervisory authorities, communication with data subjects, remedial measures, proof of effectiveness, tickets, deadlines, tasks) <\/p>

\u2705 Order processing<\/strong>
(documentation of order processing contracts, audit criteria for processors, audit criteria for order processing contracts, regular reviews, tickets, deadlines, tasks)<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Information security<\/strong><\/span><\/h3>
\u2705 Organisation<\/strong>
(user and rights management, responsibilities, risk status, implementation status, evaluations, checklists, tickets, task overview, audits, error lists, deadlines, reports, guidelines, manuals, concepts, objectives, training and further training, PDCA cycles, confidentiality agreements, document control)<\/div>
\u00a0<\/div>

\u2705BSI basic protection<\/strong>
(concepts and planning, guidelines, directives, responsibilities, delimitations, business processes, resources, structural analysis, determination of protection requirements, modelling, risk analysis, continuous improvement (PDCA), audit plans, audit results, defect lists with processing statuses)<\/p>

\u2705ISO 27001<\/strong>
(Concepts and planning, guidelines, policies, responsibilities, demarcations, assets and resources, risk analysis, protection needs analysis, SOAs, risk treatment, continuous improvement (PDCA), audit plans, audit results, defect lists with processing statuses)<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Asset management
<\/strong><\/span><\/h3>
\u2705 Assets<\/strong>
(name, status, manufacturer, serial number, photo, BYD, supplier, costs, amortisation, risk status, notification group, vulnerability check)<\/div>
\u00a0<\/div>

\u2705Technical systems<\/strong>
(Name and description, risk status, vulnerability assessment, list of assets, associated DSMS processing activities)<\/p>

\u2705Target object groups<\/strong>
(List of technical systems, risk status, associated ISMS business processes)<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Vulnerability management
<\/strong><\/span><\/h3>\n
\u2705 CVE database<\/strong>
(Hourly update of the local copy of the MITRE CVE <\/div>\n
vulnerability database)<\/div>\n
 <\/div>\n

\u2705CveCheckups<\/strong>
(Check of all assets in the asset database against new CVE data records and notification of the check group, relevance check)<\/p>\n

\u2705Vulnerabilities<\/strong>
(Vulnerability management for assets, delegation of treatment status to associated technical systems, processing activities (DSMS) and business processes (ISMS), tracking of vulnerability treatment status, report and management review, tickets, tasks, deadlines, PDCA cycles)
<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

Anyva GRC Suite Anyva GRC Suite Datenschutz \u2705 Datenschutzorganisation(Benutzer- und Rechteverwaltung, Verantwortlichkeiten, Risikostatus, Umsetzungsstatus, Bewertungen, Checklisten, Tickets, Aufgaben\u00fcbersicht, Audits, Fehlerlisten, Termine, Berichte, Richtlinien, Handb\u00fccher, Konzepte, Ziele, Schulungen und Weiterbildungen, L\u00f6schkonzepte, PDCA Zyklen, Vertraulichkeitsvereinbarungen, Dokumentenlenkung) \u2705Verzeichnis der Verarbeitungst\u00e4tigkeiten (VVT)(Verantworlichkeit, Beschreibung, Rechtm\u00e4\u00dfigkeit, Zwecke, Zweckbindung, L\u00f6schregeln, Weitergabe, Daten- und Personenkategorien, DSFA Schwellwertanalyse, eingesetzte Systeme und Sicherheit der Verarbeitung, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-339","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/339","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/comments?post=339"}],"version-history":[{"count":48,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/339\/revisions"}],"predecessor-version":[{"id":977,"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/pages\/339\/revisions\/977"}],"wp:attachment":[{"href":"https:\/\/buchholz-software.de\/en\/wp-json\/wp\/v2\/media?parent=339"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}