About LUY - Business Use - Read more

Digitization - "just do it"

To go forward with digitization, the required digital technologies and the respective capabilities must be identified and tapped.
The potential offered by digital technologies must be identified and exhausted.

Optimizing business IT alignment and ensuring adequate digital technology support for business processes over the long term; identifying and closing gaps in IT support for business capabilities.
Ensuring that information flows without interruptions caused by incompatible media formats; identifying, analyzing and, if possible and sensible, automating manual and analog processes and communication interfaces.
Using digital analytics methods including machine learning, pattern recognition, and AI to automate processes and identify potential for optimization.
Leveraging digital technologies and agile methods (e.g., DevOps) to boost customer and service orientation in product development and to optimize development cycles and the time-to-market for products.

Gaps in IT support for business processes and capabilities are identified by means of layout plans so they can be analyzed in detail and closed.
The quality of the IT support is assessed against a number of parameters and inadequate IT support can be highlighted in color on diagrams.
Information flow diagrams can help identify incompatible media formats and manual/analog interfaces for analysis.
The use of digital methods and tools can be visualized transparently and analyzed because the technologies are linked with processes, business units, and capabilities.
Analyzing the company's IT landscape and business IT alignment helps highlight areas where agile development methods such as DevOps are suitable.

Conformity with applicable legal and regulatory stipulations must be ensured and guaranteed over the long term.
Proof of regulatory conformity must be provided in a timely manner upon the request of the auditors.

Conformity with the EU's General Data Protection Regulation (GDPR) and the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG)
Conformity with industry-specific regulatory stipulations
For banks: bank-prudential requirements for IT (Bankaufsichtliche Anforderungen an die IT, BAIT)
For insurance companies: insurance-prudential requirements for IT (Versicherungsaufsichtliche Anforderungen an IT, VAIT)
For equity management companies: equity-management-prudential requirements for IT (Kapitalverwaltungsaufsichtliche Anforderungen an IT, KAIT)
Critical infrastructure (KRITIS) requirements for IT processing in diverse industries if predefined threshold values are exceeded
Compliance management according to ISO 19600
Conformity with BSI standards
200-1: management systems for information security
200-2: basic IT protection methodology
200-3: risk management

All the required information concerning information systems and infrastructure elements can be collected in LUY including

results of protection requirements assessments
processing of personal data
level of achievement of protection goals, for example, integrity, availability, authenticity, and confidentiality
risks
contact information of the persons responsible
links to detailed system and process documentation

LUY uses surveys to help you collect the relevant information and helps ensure the information is up-to-date at all times.

The configurable plug-in API scripts can be used to implement QS workflows.

Business-critical activities and processes must be secured using strategies, measures, and contingency plans.
Serious damage and loss during emergencies must be avoided.

- 200-4: business continuity management

- 100-4: emergency management

- processes

- IT systems

- staff

- maintenance contracts

- contingency plans

- persons responsible

- disaster managers

LUY can be used to assess and document the criticality, contingency risks, and protection requirement categories of all relevant IT objects including processes, information systems, capabilities, information flows, and infrastructure elements.
Surveys can be used to control decentralized data maintenance to ensure up-to-date information is available at all times.
Results of assessments of relevant objects can be presented graphically at any time to ensure elements requiring protection can be identified even in very complex environments.
Freely configurable attributes facilitate identification of whether contingency plans and disaster managers have been defined for all relevant objects and where they are located.

Achieving transparency of cost allocation and cost drivers
Identifying and exhausting potential for consolidation
Identifying and exhausting potential for standardization
Developing and implementing a sourcing strategy
Publishing requests for proposals and selecting sourcing partners
Developing and implementing a cloud strategy; assessing the cloud-readiness of information systems and infrastructure elements
Service management, service provider monitoring, cost control

Achieving cost transparency through cost parameters and automatic aggregation and distribution mechanisms and visualizing cost allocation throughout the IT landscape.
Documenting the IT support available for processes, organizational units, or capabilities helps identify redundancies and thus identify and exhaust potential for consolidation
LUY can be used to analyze the level of heterogeneity of the IT landscape and the related potential for standardization.
Analyzing interdependencies among the various sections of the IT landscape can facilitate the development and implementation of either a sourcing or a cloud strategy.
To support the publication of requests for proposal, LUY delivers reports and visualizations that can be configured freely and generated with a few clicks.
The volume of external sourcing or cloud services can be documented/imported based on parameters and used to audit invoices received from service providers.