LR pixel

avedos GRC News

Successful ISMS with risk2value at Swietelsky

The Swietelksy Group is a leading construction company in Central and Eastern Europe. With around 11,000 employees, over 3 billion euros in construction services and a decentralized organizational structure, the company stands out as an international player, national winner and regional champion in all segments of the construction industry. The Austrian-based company has international operations in Germany, Hungary and the Czech Republic as well as 15 other countries.

Fast facts:

  • Founded: 1936
  • Employees: 11,000
  • Construction services: 3 billion

*As of 2018/2019


Situation and objectives

Back in mid-2019, the group began to evaluate ways to professionalize its information security management and, at a later stage, IT risk management. It soon realized that its original plan, a solution based on Microsoft Excel, could not meet its expectations due to the complexity of the projects. Instead, the company decided to implement application-specific, audit-proof software solutions for ISMS from a single vendor for maximal flexibility with less overall work.

Selection and implementation of the software solutions

During the software selection process, the project team quickly saw that risk2value from avedos provided the best solution for these requirements. Key questions for Swietelsky included:

Due to its vast, comprehensive expertise in GRC, avedos met the company’s technical and business requirements.

The new ISMS tool should enable the installation, implementation, maintenance and ongoing improvements to an information security management system in line with ISO 27001. In risk management, however, Swietelsky wanted to rely on its existing internal know-how. This laid the foundation for a self-service implementation, performed in house by the company’s own experts. Instead of implementing brand-new processes, the company mapped and optimized its existing ones with the best-possible software support.

The entire process – from selecting the software to going live – took just six months. Although it chose a self-service implementation, the support team at avedos provided helpful assistance to answer any arising questions. Since Swietelsky and avedos shared similar views and ideas with regard to content, they teamed up effectively to find answers to their challenges.

risk2value generates added value for Swietelsky

Following the implementation of risk2value, Swietelsky received its ISO 27001 certification in December 2020. The company was able to professionalize its internal audit and measure planning processes due to the software solution’s vast flexibility regardless of the number of mapped assets. The internal feedback from employees at Swietelsky has been extremely positive as well. The management system’s clear design and visualizations as well as higher efficiency and transparency has created better insight across the organization.

Share on facebook
Share on twitter
Share on linkedin
Share on xing
Share on email

GRC alert!

GRC know-how for your inbox!

Get informed on the facts and latest trends in GRC – and stay tuned for upcoming events, webinars, podcast episodes or trainings.

CSM Webinar 150x151 Icon
Podcast icon avedos
CSM Event Icon avedos 150x151
CSM Newsletter Icon avedos 150x151
CSM Training 150x150 Icon