Latest
Compliance Software Costs for SMEs: Comparison & Kopexa
Guide to compliance software: features, pricing models, audit and certification costs for SMEs, including comparison.
Julian Köhn·
Automotive Compliance: Mastering the Transformation
How the automotive industry integrates ESG, cyber and supply chain compliance, and how digital solutions can reduce costs by up to 30%.
DevOps & GDPR: Anonymising Data Automatically
How to maintain GDPR compliance in DevOps: automated anonymisation and pseudonymisation, PostgreSQL RLS/data masking, CI/CD integration for risk-free testing.
Julian Köhn·Compliance & Regulation
AI Dependency as a Compliance Risk: What the Anthropic Case Teaches Every CTO
A US decree cut off access to leading AI models overnight. Why AI dependency is a real compliance risk that belongs in NIS2, ISO 27001 and DORA.
Nikolai Shulgin·
What Is OSCAL? A Deep Dive Into Compliance as Code and BSI Grundschutz++
OSCAL turns security controls into machine-readable data. BSI Grundschutz++ adopts it as its native core. We explain the architecture, PDCA methodology and what the January 1, 2026 standard switch means for your ISMS.
Julian Köhn·
AI Governance for SMEs: The Path to AI Act Compliance
The EU AI Act will come into force in August 2026. Learn how, as an SME, you can systematically identify AI risks, integrate them into ISO 27001 and ISO 42001, and remain compliant.
Guides & How-To
GDPR Subject Access Request: How to Answer a DSAR Lawfully
A DSAR (Data Subject Access Request) under Art. 15 GDPR must be answered within 30 days. We walk you through the 8-step workflow from identity verification to data extraction and redaction, and which grounds for refusal are legally defensible.
Julian Köhn·
What Is an ISMS? Definition, Examples and Build-Up Guide
ISMS definition, concrete mid-market examples, PDCA cycle, vulnerability management and a practical build-up guide. With ISO 27001, BSI IT-Grundschutz, TISAX and NIS2 compared, plus fines and liability.
Julian Köhn·
5 Benefits of Automated Risk Analysis for Mid-Sized Companies
Learn how automated risk analysis helps SMEs detect risks early, ensure compliance and improve decision-making.
Julian Köhn·Industry Insights
Palantir: A Lesson in Vendor Risk Management
Switzerland blocks Palantir, Germany pushes it through bypassing parliament. An analysis of devastating risks and the sell-out of digital sovereignty.
Julian Köhn·
Why IT Security in 2025 Is Different from Ever Before
Discover the cyber threats of 2025: AI and automation are challenging organisations. Are you ready for the paradigm shift?
The Hidden Costs of Manual Compliance and How to Avoid Them
Manual compliance processes cost more than you think. Discover the hidden costs involved and how automation helps.
Privacy & Engineering
Running Matomo in a Privacy-Compliant Way: How to Do It Without a Cookie Banner
Cookie banners are annoying? With Matomo you can finally run analytics in a privacy-compliant, banner-free way. Step-by-step guide plus audit evidence.
Julian Köhn·
ESG Reporting: Making Sustainability in IT Measurable
How IT departments use Green IT metrics and ESG standards to precisely measure and report energy consumption, CO2 emissions and sustainability.
More Articles
Incident Management for SMEs: What, How & Who Helps
An SME guide to what incident management is, how to implement it, plus tools, reporting obligations, and risk management with Kopexa.
NIS2: The Underestimated Obligation for SMEs and Suppliers
NIS 2 obliges SMEs and suppliers to meet higher cybersecurity standards, reporting channels and ISMS integration for greater digital resilience.
Julian Köhn·
TISAX Roadmap for SMEs in the Automotive Industry
Achieve the highest information security standards with TISAX certification. Your path to greater trust and competitive advantage!
Certification Roadmap: ISO 9001 to 27001
Certification roadmap for ISO standards: Start with ISO 9001, leverage synergies with ISO 14001/27001. Reduce implementation time by 50% and save costs.
Julian Köhn·
NIS-2, GDPR & ISO 27001: Strategic Compliance Integration
European companies face NIS-2, GDPR & ISO 27001. Learn how integrated compliance strategies reduce costs and build trust.
ESG Compliance: How to Master the New Reporting Obligations
The CSRD is coming: learn how to use ESG compliance as a strategic advantage and turn it into a game-changer with Kopexa!
Julian Köhn·
ISO 27001 vs. TISAX: Costs, ROI & Strategy
ISO 27001 or TISAX? Costs, ROI, implementation timelines, synergies and industry fit - a data-driven decision guide for your ISMS.