reha gmbh

Reha gmbh was founded in 1969 in Saarland and promotes the professional and social inclusion of people with disabilities. With six locations, the company combines professional services such as printing, logistics, and digitization with social programs, thereby fostering integration into the workforce and society.

Industry: Medical
Location: 6 locations in Saarland, Germany
Employees: 1,000
Compliance frameworks: ISO 27001, ISO 5001, NIS2, IT-Grundschutz
Athereon GRC modules: ISMS, BCM

Result at a Glance

Challenge

Development and certification of an ISMS with integrated BCM

As a social institution with six locations in Saarland and around 1,000 employees, reha gmbh faced a unique starting position: the company focuses on the professional and social inclusion of people with disabilities, not on IT security architecture. Nevertheless, growing regulatory requirements called for the complete development and certification of an information security management system (ISMS), including business continuity management (BCM) in accordance with the BCI standard.

In addition, there was the obligation to implement the requirements of the European NIS2 Directive by the deadline—a significant compliance effort that would have been nearly impossible to manage without a structured software solution. The challenge lay in mapping the multitude of requirement catalogs—from ISO 27001 to ISO 5001 to IT-Grundschutz—into a consistent system without overburdening internal resources.

Solution

Unified GRC platform with Athereon GRC

To meet these complex requirements, Athereon GRC was implemented as a central, unified platform that consolidates all relevant security and compliance processes. Through the integrated ISMS and BCM modules, reha gmbh now maps all requirement catalogs in a structured manner on one single interface. Athereon GRC compliance management creates valuable synergies in the documentation of related standards—such as ISO 27001 and NIS2—which prevent duplication of effort and significantly reduce the overall workload. Furthermore, Athereon GRC's smart questionnaires enable a cross-location analysis of compliance coverage across all six sites. Automated workflows and integrated risk management ensure that all relevant stakeholders are directly involved in the processes—in a practical, understandable, and collaborative manner.

Result

Successful certification and a secure ISMS

By implementing Athereon GRC, reha gmbh was able to successfully establish its ISMS and achieve the desired certification. The company now has a secure, sustainably operated information security management system that covers all regulatory requirements—including NIS2.

The centralized platform provides a real-time overview of the compliance and risk situation at all locations, at any time. Documentation of complex requirement catalogs and location-specific details was efficiently implemented using Athereon GRC's smart questionnaires and linked compliance standards. The reduction in effort achieved through smart workflows and the direct involvement of all relevant stakeholders is clearly noticeable.

"Working with Athereon GRC to implement our information security management system was extremely valuable for us as a sheltered workshop. As a social institution, our primary focus is on working with people. This made it all the more important for us to have a partner who could provide practical and clear guidance on the requirements for an ISMS. With Athereon, we have a young, dedicated team from Saarbrücken by our side that works with us as equals and has a good understanding of our circumstances. Thanks to their structured and pragmatic support, we were able to successfully implement the current information security requirements. Athereon is a competent and reliable partner for us, and we are happy to recommend them."

Andreas Müller
QM Representative
