Yes, as a modern cloud platform, Leno allows for No-Code configuration. The solution is highly scalable and can be flexibly adapted to your internal structures, processes, and permission sets without any programming effort.

Leno eliminates manual errors through high-level automation and integrated AI. Structured workflows and built-in regulatory expertise replace tedious email-based coordination and static lists with a modern, digital process.

Yes, Leno eliminates fragmented data silos by seamlessly linking vendors directly to their corresponding contracts, risks, and mitigation measures. This seamless integration prevents redundant data entry and ensures full transparency.

Leno is a modular GRC platform designed to digitalize and automate Governance, Risk & Compliance. It serves as a central hub for Third-Party Risk Management (TPRM), Contract Lifecycle Management (CLM), Information Security (ISM), and BCM.

Risk analysis according to BSI IT-Grundschutz and ISO 27001 is used to systematically identify, assess, and prioritize information security–related risks. It forms the basis for selecting appropriate security measures within the framework of an ISMS.

Thanks to pre-defined GRC templates and expert onboarding support, you can achieve a rapid "Go-Live". We guide you from initial data migration to full production to ensure a smooth transition.

ISO 27001 allows a flexible, risk-based methodology, whereas BSI IT-Grundschutz is more standardized and catalog-based. Both approaches, however, share the same goal: to make risks transparent and manage them appropriately. Leno supports both methods as well as hybrid approaches.

‍

Yes, Leno supports English and German as standard. Additional languages for international GRC teams can be added upon request to support your global compliance operations.

Security is ensured through Single Sign-On (SSO) and role-based access control (RBAC). Leno provides hosting and support directly from Germany, adhering to the highest security standards and architectural requirements.

Risks arising from threats and vulnerabilities relating to information objects, processes and applications are considered. These include technical, organizational and external risks.

A risk analysis must be reviewed regularly and updated at least once a year. In addition, event-driven updates are required, for example, in case of changes in the information network, new threats, or significant process adjustments.

‍

Leno is modular and fully integrated. We offer specialized modules: Leno TPRM (Third-Party Risk & Outsourcing), Leno CLM (Contract Management), and Leno ISM (Information Security & BCM). All modules work together to form a holistic GRC ecosystem.

The protection requirement analysis determines how valuable or sensitive information, processes, or applications are. The risk analysis then assesses the risks to which these protection requirements are exposed and evaluates the potential impacts. Both analyses logically build upon each other.

Risk analysis is a key audit criterion in ISO 27001 certifications and internal audits. Auditors expect a transparent methodology, up-to-date assessments, and a clear derivation of actions.

‍