Digitize governance & compliance

What governance & compliance means and how Versio.io helps to formalize and automate compliance verification

In a nutshell Request demo Free trial
The regulatory internal and external requirements for reducing risks in companies and organisations have increased in recent years. Many companies and organizations find it difficult to understand the associated concept of "governance and compliance" and its operational implementation.
In this blog post we will try to shed some light on the subject of governance and compliance. Furthermore, we want to show how Versio.io can be used to automate the adherence to governance and compliance very easily in order to reduce the necessary efforts.

What is governance?

What is governance?

What is governance?

Governance include rules that are created by executives and the board of directors in order to establish ethical terms and requirements for their company. Governance policies are optional and determine the companies attitude towards business practices and risks.

In terms of naming conventions governance specifies for instance the correct creation of invoice numbers or purchase order numbers. To comply with national or international tax and finance regulations, invoice or PO numbers have to fullfill certain requirements. Versio.io enables you to prove whether these numbers have been created correctly at any point in time and thus comply with current legal regulations.

What is compliance?

What is compliance?

What is compliance?

Compliance refers to requirements that an organization must meet in order to conform with law and to prevent any legal action, fines or penalties. In contrast to governance policies compliance policies are not optional.

General compliance rules are defined by relevant laws, policies, and regulations. In Germany, the Federal Office for Information Security (BSI) defines IT rules for certain industries that must be provably complied with.

In the table you find organisations and institution that have etsablished governance and compliance rules in different laws and frameworks for enterprises.

Organisation Document Reference
European union
European union General data protection regulation (GDPR) https://ec.europa.eu
European union Capital Requirements Directive - Requirements from Basel III framework https://eba.europa.eu
European union Directive 2014/65/EU on markets in financial instruments https://eur-lex.europa.eu
Federal Republic of Germany Federal Data Protection Act (BDSG) https://www.bfdi.bund.de
Federal Republic of Germany Law on Control and Transparency in Business https://www.bgbl.de
Federal Republic of Germany Principles for data access and auditability of digital documents (GDPdU) https://www.bundesnetzagentur.de
Federal Republic of Germany Telecommunications Act https://www.bmjv.de
Federal Financial Supervisory Authority (BaFin) Minimum Requirements for Risk Management (MaRisk) https://www.bafin.de
Federal Office for Information Security IT baseline protection (IT-Grundschutz) https://www.bsi.bund.de

Centralized repository for enterprise assets & configurations

Centralized repository for enterprise assets & configurations

Centralized repository for enterprise assets & configurations

Whether business, IT, production or organization Versio.io can comprise all relevant data from these business areas. The Versio.io OneImporter allows you to import data with ease.

Within the business data you may import any sales, legal or finance documents or data. In the area of IT Versio.io can process data from IT monitoring, ITSM and your IT infrastructure. From your production you may import any data important for planning, building and delivery process. Within your organizational data you can import data from your organigram, HR or identity management.

The central enterprise repository only contains critical asset or configuration data. This allows the central processing of data from various applications and data sources by the different Versio.io solutions.
The relationships between asset or configuration data can be mapped which creates a new added value, especially when data from different data sources is transferred. On this basis Versio.io can map the entire enterprise topology.
In the repository asset or configuration data are reassembled which is also known as asset and configuration design. This allows the simplification of data post-processing in Versio.io.
Any asset or configuration data are historized. Thereby, any change is gathered dependent on time. This leads to higher data quality as provided by the original data source.

Historical data provide validations of changes over time

Historical data provide validations of changes over time

Historical data provide validations of changes over time

Versio.io gathers all imported data and stores them in a database. By synchronizing the imported data Versio.io notices data changes and stores them keeping all previous versions in its database.

Older versions remain visible for you and can easily be tracked as any change is listed chronologically in a timeline.

Automate rule-based verification with Versio.io

Automate rule-based verification with Versio.io

Automate rule-based verification with Versio.io

The Versio.io CMDB offers the best basis for rule verification, whether it be governance or compliance rules:

Firstly, Versio.io gathers data from different applications and other data sources to form a central repository. Secondly, Versio.io illustrates the relations between data from different data sources for you to easily understand the correlations. Thirdly, the historization of data create knowledge about changes and the complete life cycle of your data.

Each new creation or change gathered can be verified with regard to governance and compliance. By means of the freely definable rules, the following data constellations can be accessed:
  • 1. Single change
  • 2. Change including its related data quality
  • 3. Change with its entire history
Rule violations are recorded and their temporal occurrences are visualized. Furthermore, notifications (e-mail, chat) or actions (automation, incident creation, triggering events in other systems) can be executed.

Learn more












Enterprise asset management




Configuration item


Configuration management database




We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.