What is the difference between a protection requirement analysis and a risk analysis?

The protection requirement analysis determines how valuable or sensitive information, processes, or applications are. The risk analysis then assesses the risks to which these protection requirements are exposed and evaluates the potential impacts. Both analyses logically build upon each other.

More helpful answers

Is the Leno GRC platform customizable as a No-Code solution?

Yes, as a modern cloud platform, Leno allows for No-Code configuration. The solution is highly scalable and can be flexibly adapted to your internal structures, processes, and permission sets without any programming effort.

How does Leno replace manual Excel sheets with automated GRC workflows?

Leno eliminates manual errors through high-level automation and integrated AI. Structured workflows and built-in regulatory expertise replace tedious email-based coordination and static lists with a modern, digital process.

Can Leno link existing Third-Party Risk (TPRM) processes with Contract Management (CLM)?

Yes, Leno eliminates fragmented data silos by seamlessly linking vendors directly to their corresponding contracts, risks, and mitigation measures. This seamless integration prevents redundant data entry and ensures full transparency.

What makes Leno the leading GRC platform for Third Party Risk Management, Contract Management, Information Security Management & BCM?

Leno is a modular GRC platform designed to digitalize and automate Governance, Risk & Compliance. It serves as a central hub for Third-Party Risk Management (TPRM), Contract Lifecycle Management (CLM), Information Security (ISM), and BCM.

What is a risk analysis according to BSI IT-Grundschutz and ISO 27001?

Risk analysis according to BSI IT-Grundschutz and ISO 27001 is used to systematically identify, assess, and prioritize information security-related risks. It forms the basis for selecting appropriate security measures within the framework of an ISMS.

How fast can Leno be deployed using onboarding and templates?

Thanks to pre-defined GRC templates and expert onboarding support, you can achieve a rapid "Go-Live". We guide you from initial data migration to full production to ensure a smooth transition.

How does the risk analysis according to ISO 27001 differ from that according to BSI IT-Grundschutz?

ISO 27001 allows a flexible, risk-based methodology, whereas BSI IT-Grundschutz is more standardized and catalog-based. Both approaches, however, share the same goal: to make risks transparent and manage them appropriately. Leno supports both methods as well as hybrid approaches.

Is the platform available in multiple languages for global teams?

Yes, Leno supports English and German as standard. Additional languages for international GRC teams can be added upon request to support your global compliance operations.

How does Leno handle user management and data security?

Security is ensured through Single Sign-On (SSO) and role-based access control (RBAC). Leno provides hosting and support directly from Germany, adhering to the highest security standards and architectural requirements.

Which risks must be considered as part of the risk analysis?

Risks arising from threats and vulnerabilities related to information assets, processes, and applications must be considered. These include, among others, technical, organizational, and external risks.

How often must a risk analysis be updated?

A risk analysis must be reviewed regularly and updated at least once a year. In addition, event-driven updates are required, for example, in case of changes in the information network, new threats, or significant process adjustments.

Which modules does Leno offer for DORA, BCM, and Contract Management?

Leno TPRM (Third-Party Risk & Outsourcing), Leno CLM (Contract Management), and Leno ISM (Information Security & BCM).

Leno is modular and fully integrated. We offer specialized modules: Leno Third-Parties, Leno Contacts, and Leno Security & Resilience. All modules work together to form a holistic GRC ecosystem.

What role does risk analysis play in audits and certifications?

Risk analysis is a key audit criterion in ISO 27001 certifications and internal audits. Auditors expect a transparent methodology, up-to-date assessments, and a clear derivation of actions.

Our products

Third-Party Risk Management according to DORA, EBA Guidelines & MaRisk

Our TPRM and outsourcing management software enables compliant, transparent, and efficient lifecycle management of outsourcing arrangements, ICT services, and onward outsourcing in accordance with DORA, EBA Guidelines, and MaRisk. AI-driven automation delivers excellent usability, high data quality, and complete audit readiness.

AI-based contract lifecycle management (CLM) Software – intelligent and centralized

Our AI-powered, user-friendly, and automated software for contract lifecycle management (CLM) provides a dynamic hierarchical representation of all contract documents, continuous compliance with regulatory requirements, and transparent search and filter functions, including approval workflows and deadline monitoring.

A solution for integrated ISM and BCM in accordance with international standards

Map a complete information ecosystem and connect all assets in real time. Our information security and Business Continuity Management (BCM) software enables you to conduct protection needs analyses, business impact analyses, and risk assessments, forming a fully integrated information risk management and BCM system.
