Zero Trust Security Model: A Step-by-Step Guide

Did you know that (according to IBM) “the average cost of a ransomware attack is about $4.54 million, not including the cost of the ransom itself?” That’s because, as the digital landscape evolves, traditional security measures are no longer sufficient to protect sensitive data and networks. Cyber threats are becoming

Read More »

10 Ways to Protect Your SaaS Business from Ransomware Attacks

According to Wired.co.uk, “…victims have paid ransomware groups $449.1 million in the first six months of this year…If this year’s pace of payments continues … the total figure for 2023 could hit $898.6 million. This would make 2023 the second biggest year for ransomware revenue after 2021”. Corvus Insurance Discover

Read More »

Compleye Employs Full-Time Commercial Director, Heikki Erola

Entrepreneur, startup founder & SaaS builder, Heikki Erola, joins Compleye as Director of Commerce. Where’d he come from? Born and bred in Finland, Compleye’s new Director of Commerce has lived in a number of countries and now resides in Barcelona. An entrepreneur, Heikki has been working in software and in

Read More »

A Quick Guide to SOC2, ISO 27001, and ISO 9001 Frameworks

In today’s digital era, maintaining security, quality, and efficiency is paramount for any organization. To help businesses meet these standards, several frameworks have been introduced. Three of the most well-recognized ones are SOC2, ISO 27001, and ISO 9001. This post will provide a brief overview of each, followed by a

Read More »

Essential Privacy and Security Measures for Company Computer Use

With cyber threats evolving rapidly and data breaches becoming increasingly common, organizations cannot afford to neglect these essential aspects of their operations. Here’s a quick guide to the primary privacy and security measures all companies should implement for their computer use. Make sure you can check off all these measures

Read More »

What is Compliance Management?  

It might sound simple, but it’s strangely not that easy to accurately define compliance management, or for that matter, explain the importance of compliance management and how it enhances your information security posture. Let’s take some time to do just that and to look at key examples of compliance management

Read More »

ISO27001 KPIs – 10 prime examples you should track  

When it comes to ISO27001 it’s vital that you keep track of your ISMS’s effectiveness. Although ISO27001 doesn’t give exact KPIs or provide an outline of how to track your ISMS’s effectiveness, it’s important to regularly evaluate the performance of your security measures.   To make life a little bit easier,

Read More »

ISO 27001:2022 The transition  

The ISO 27001:2022 transition audit. The phrase strikes fear into the hearts of many tech startups who have already been diligent enough to obtain their ISO 27001:2013 certification.   But, fear not. If you’re already certified with ISO 27001:2013, that certification is still valid until the end of your certification cycle

Read More »

Startup Compliance: the why, what and who 

At Compleye, we understand the startup journey. We know your path is different to that of a big corporate. In this article we’ll look at why compliance for startups can be more challenging than compliance for corporates. We’ll take a look at the common mistakes that startups make when it

Read More »

Compleye Employs CTO, William Hurst

South African born entrepreneur turned CTO, William Hurst joined Compleye in October 2022.  Where’s he from? With an entrepreneurial, rather than an academic brain, William started (and quickly ended) his studies at Stellenbosch University in the early 2000s. Leaving to explore the exciting world of software engineering and coding. Once

Read More »
ISO Documents

What are the Mandatory Documents Needed for ISO 27001?

The list of documented information for ISO 27001 certification is a lengthy one. However, not all of the documentation is mandatory and your auditor is not necessarily going to want to scrutinise everything you’ve compiled. But, as we always say, better safe, secure and certified than sorry. We’ve compiled a

Read More »

What is ISO 27001?

We are going to be very short and simple with this article, just how we think Compliance should be and that is exactly what we do at Compleye, making it simple! Let´s go over the most asked question about ISO 27001: What is ISO 27001? It is an international standard

Read More »

ISO 27001 Certification: Common pitfalls

Let us break it down for you. The ISO 27001 certification is not a walk in the park, and its challenges are not like riding a bike. With challenges, challenges will arise. When challenges arise, mistakes are there to be made. Mistakes, though, are proof that you’re trying. Just make

Read More »

Security Data Training

Becoming aware of the Security Data Training Small mistakes can have large consequences. It just takes one innocent employee to accidentally click on the malicious attachment in a phishing email, for a companies’ device to get infected with malware that leads to sensitive information ending up in criminal hands. So

Read More »

It’s Internal Audit time

If you are a fanatic – or less fanatic – reader of our articles, you will probably know the importance of ensuring information security and regulatory compliance by now. Therefore, evaluating performances and managing risks in that area is highly crucial for organisations. Are we making progress towards our compliance

Read More »

The number of ISO standards – it’s a numbers game

If you have been following Compleye for quite some time now – good on you – ISO 27001 is a term that you won’t be unfamiliar with. Question is whether you know that ISO 27001 has some brothers and sisters in the ISO-family. Well, some… Let’s actually make that a

Read More »

What are the internet cookies

Cookies. The ones we occasionally crave, that smell like our childhood home, tend to make us very happy. Internet cookies or digital cookies, however, operate a little differently. The biggest difference? We can’t consume them. Though, you can wholeheartedly leave that up to your browser. Let’s be honest. All internet creatures,

Read More »

The DPO and PO: their differences

You’re probably getting used to us elaborating important abbreviations out of the industry by now. No worries, we got more in store for you today. We are going to tell you about the DPO and the PO – and their differences – within organisations. So, let’s go and dive into

Read More »

Top 3 tips for Privacy/GDPR frameworks

As data protection and privacy become a higher corporate priority, compliance and risk professionals would be wise to leverage frameworks regarding privacy. Since we are both compliance professionals and wise, we will provide you with 3 things that anyone should focus on when implementing ISO27001. Focus on Privacy and GDPR.

Read More »

Not so fine GDPR fines

Fines. Charges. Penalties. Many will consider these (and similar) words to be negative, mood-killing, or even terrifying. The number and the size of the fines that are imposed regarding the GDPR, the General Data Protection Regulation, are just that. Don’t worry, this article is not your next horror story. We

Read More »
GDPR

Privacy Policy : The ultimate checklist

Have you decided that it’s time to revise your privacy policy?  Are you busy with starting a new business? Have you recently launched a website or application? Or have you expanded into new markets and territories? Good for you! It might not be the most thrilling part of your work, but

Read More »
passwords

Passing passwords

People and passwords. Our love-hate relationship is not that strange, since – in our busy lives – it’s something else to remember and something else to forget. Therefore, at the convenience end of the scale, you can use the same password for everything; from your bank account to a cooking

Read More »
SOC 2

SOC 2, who?

Today is a great day for abbreviations, don’t you think? Great, let’s go. The American Institute of Certified Public Accountants (AICPA) introduced the System and Organization Controls (SOC). This is the name of one of the more common compliance requirements that (tech) companies should meet today based on the Trust

Read More »
phising emails

How to: Noticing phishing emails

Emails. Just like they can be either formal or informal and personal or general, they can be either real or false. We know these false emails as phishing emails.  Phishing emails, unfortunately, is not a new phenomenon. It has been the most common attack vector for cybercriminals for a number

Read More »

Start-ups and compliance: why you should start after all

Hey, busy worker. We totally understand that, as a start-up founder or employee within a brand new company, you are dealing with a lot of stuff. You are (contributing to) building everything from the ground, which deserves a big round of applause. Though, being that busy can lead to losing

Read More »
Data Breach

When does one talk about a data breach?

Any idea where the sensitive data within your company goes? Where the medical patient records, the identity information of clients and employees or the lists with contact- and payment details end up? Data breach is a growing trend. Not the type of trend that is fun, like trends in clothes,

Read More »

TNW Amsterdam, here we come!

Meetings, pitch, demo, coffee, repeat. If that doesn’t sound like music to our ears, we don’t know what will. Luckily, this is exactly what the 16th and 17th of June entails for the team of Compleye, when we will be present at TNW conference in Amsterdam with our very own

Read More »
Just a little about Compleye | Best Online Compliance Platform

Just a little about Compleye

When Compleye’ s CEO Karolin started to be busy with the topics security, privacy and quality, she was searching for likeminded people that would be able to break out of the fixed patterns and the set old ways of compliance.  She didn’t necessarily search for developers – she sought people

Read More »
The GDPR policy - Compleye’s advisory advice | Compleye

The GDPR policy – Compleye’s advisory advice 

The GDPR policy – yet another abbreviation to keep in mind. Please do. The General Data Protection Regulation is super important, since it governs the way in which personal data (yes, also yours) is gathered and handled in the European Union. Long story short: it tells you about your rights. Quite an

Read More »
Why did we decide to create DIY Compliance Tool? | Compleye

Why did we decide to create DIY Compliance Tool?

What if we tell you that you can start with your business’ compliance matters all by yourself? Yes, you’re reading it correctly: use your rookie – based knowledge and tackle them without compliance officers or wizkids. Please say hi to  DIY Compliance Tool within the online platform of Compleye.   Do

Read More »
Compleye’s Startupper: Overview never felt so good | Compleye

Compleye’s Startupper: Overview never felt so good

If we’d ask you how many tools your company is using, could you name them? Which subscriptions are monthly and annually billed from your bank account? Any idea which people have access to every single one of your business’ 3000 excel files? You probably didn’t even know that there were

Read More »
Our ISO27001 certification approach, makes it almost fun! | Compleye

Our ISO27001 certification approach, makes it almost fun!

How is your ISO27001 certification working out for you? There is a reasonable chance that collecting all necessary documentation makes you want to throw your pc out of the window. Don’t. Compleye is here to the rescue. “Making compliance almost fun”, is one of our quotes for a reason.

Read More »

The X-Ray is your Compliance Start!

“X-ray noun [eks-rei] – a type of radiation that can go through many solid substances, allowing hidden objects such as bones and organs in the body to be photographed”. Don’t worry, we are not going to examine the internal composition of your body. Though, we will do this to your business. Truth or dare?

Read More »

Keen on Lean: Compleye’s Lean Compliance Designers.

Let us take you on a journey. In the interesting – give it a chance – world of compliance, (amongst others) you will find compliance officers, compliance managers, compliance consultants and compliance designers. But what are the differences between those positions? And more importantly: why does Compleye choose to work with Lean Compliance Designers, in order to support your company and its security and privacy challenges?

Read More »