Governance, risk management, compliance – because two heads are better than one.

Compliance software with policy management simplifies compliance with laws and regulations in your company

Manage your compliance organization with special otris software. Structure compliance-relevant topics and document responsibilities. Develop documented and verifiable, company-wide policies and regulations in a centralized regulatory framework. Through topic-based storage and targeted communication of all policies you install a tool for the prevention of rule violations. In addition to the policy management, task management and risk assessment can be quickly and easily adapted to your company-specific requirements in otris compliance.

On the one hand, compliance stands for compliance with laws and prevents, for example, transfer of illicit funds, corruption or exploitation. On the other hand, compliance represents meeting the ethical standards and requirements set by companies themselves, which can go far beyond their legal framework. Examples of this include the form of cooperation with business partners, the behavior of employees among each other, or a production geared to sustainability. In case of compliance violations, the imposed fines can jeopardize the existence of companies. Not only companies, but also institutions, executives and employees run the risk of being liable to prosecution and having to pay damages. An elementary prerequisite for preventing violations is a functioning CMS (Compliance Management System).

otris compliance structures and automates your compliance organization. The software bundles all relevant information, reports and documents in topic-related libraries. With document control functions you determine which library contents are assigned to which employee groups, and demonstrate in an audit-proof manner that the contents have reached the employee. When creating the content, the system supports you with freely configurable editing and approval workflows. This kind of adaptability extends the application possibilities: for example, otris compliance is also suitable for document control in quality management. Company-wide policy compliance monitoring is a task with a high potential for error. Comprehensive filing, document control and archiving capabilities help compliance managers avoid mistakes and omissions in delivering their challenging work in compliance with the law.

otris compliance at a glance

  • Structuring and mapping of the compliance organization with responsibilities (according to the German Institute of Public Auditors’ Auditing Standard 980, and ISO standard 19600)
  • Overview of all corporate governance and compliance documents, dates and deadlines
  • Thematic policy library with all corporate governance and compliance documents
  • Subject-related assignment and distribution of documents – employees have access to their personal policy library
  • Notification feature (for remapped content / changes to the personal policy library)
  • Notification acknowledgement by the employee, and e-mail reminder if there is no response
  • Freely configurable workflows (e.g. best practice editorial workflow / approval workflow during document creation)
  • Document control functions developed according to the specifications of DIN EN ISO/IEC 17021-1:2015-11, section 10.2.3
  • Task management for the organization of compliance measures and controls
  • Documentation and archiving of compliance measures and evidence (such as read receipts)
  • Risk assessment for the identification and evaluation of risks
  • Audit-proof archive (according to the German Institute of Public Auditors’ Auditing Standard 880)
  • Checking the document collection for completeness and currency
  • Role- and privilege-based access concept
  • Legal taxation based on organizational units
  • History: Representation of the policy documentation at any time in the past
  • Deadline monitoring
  • Comprehensive search functions
  • Full-text indexing
  • AD / LDAP integration
  • Encrypted file storage
  • Evaluations for the management level
  • Business intelligence reports with design tool
  • Interactive diagrams
  • Interfaces to ERP, CRM or other systems
  • Individual adjustments tailored to customer needs
  • Flexible and cost-effective license model

otris compliance - compliance software - product graphic

All information from your company-wide GRC processes is collected in our compliance management system and made centrally available to the decision-makers in your company in a clearly structured way.

The compliant company with otris compliance

A prerequisite for employees to act in compliance with corporate policies is that they are familiar with all laws, rules and regulations. The larger the company and the number of employees, the more complex and elaborate the process of approving policies, distributing them in a targeted manner, and documenting the work. otris compliance helps you to meet this challenge.

How does document control work with otris compliance?
The software is a central platform on which you file all corporate governance and compliance documents, and subdivide them by topic into a policy library. Individual documents from the library can be assigned to selected areas of applicability. The structure of the topics and areas of applicability follows your compliance strategy. For example, in the policy library, you create a “Corruption” topic and assign the “Sales” scope of applicability to the documentation. You can refine areas of applicability and link them by combining function (accounting, sales, purchasing) with regions (Germany, France, Europe). Any employee working within a certain area of applicability has access to their personal policy library through the web browser. When new content is added to the library, the system notifies the employee with a read request. The feedback that the content has been received is documented for each individual user. If an employee fails to respond to a read request, he or she is automatically reminded after a predefined time and the compiled content is sent to the employee in question. Read requests are sent on the same principle for revised documents. In addition, the system provides the revised document with a version number. Document control in otris compliance does not just mean that content is delivered to the right recipients. The systematic control of documents already begins during the content creation process. Content that you want to add to the policy library can be submitted to predefined workflows. By compiling rights (reading, writing, sharing), you define roles that you assign to participating employees or employee groups.

Report, audit, proof
The software support thus facilitates the creation and distribution of content. On the other hand, you document your policy management in an audit-proof way: who created which version of a document, who released it, and when and who received and noted this document? Not only is this data important to account to stakeholders, but it also means that your good compliance work pays off in the event of conflict. Extensive reporting and statistics functions facilitate the presentation and visualization of guideline development. 

In just a few clicks, you can compile numbers and charts that illustrate the current state of the compliance organization. Even in smaller companies, compliance officers often lose track of whether the inventory of policies is complete and up-to-date. otris compliance helps you by automatically and systematically checking the directory for missing or obsolete documents. In addition to automated testing, the system simplifies manual control. With otris compliance you can easily create a visibility report for all stored documents. The report clearly lists for each individual document which person may read it.

Interfaces and adjustments
otris compliance seamlessly integrates into your existing IT environment. An optional connection to your Active Directory ensures that previously defined areas of applicability are at all times assigned to any associated employees: for new hires or internal job changes, the system synchronizes the changes via an interface with otris compliance. In addition to connecting your Active Directory, any further integration scenarios can be implemented using existing or programmed interfaces.

Ease of operation
Common to all otris products is their easy-to-learn interface. otris compliance bundles your extensive inventory of policies and procedures so that it is clear and easy to understand. The division of the interface into three parts is known from popular e-mail systems such as Microsoft Outlook. Traffic light colors help users to recognize immediately where action is required. Access to the system is also very simple: otris compliance can be run on your own server or in the cloud – in both cases the user uses the software via their web browser. The entire database is thus managed centrally. Local installations on employees’ PCs are not necessary.

„otris compliance offers us the opportunity to retrieve the documents quickly and clearly.“

Nils Langemann
Compliance consultant at MAST-Jägermeister SE

A reliable team: your sense of responsibility and our software

Structure and overview are basic prerequisites for the implementation of a lawful compliance organization. Creating, organizing, and targeting the growing number of procedures and policies is quickly becoming an unmanageable undertaking in medium and large enterprises. It becomes dangerous for the company if compliance managers lose track, because violations can lead to hefty fines. otris compliance helps you to manage the company-wide compliance organization:

  • Extensive document control functions manage the creation, release and targeted, company-wide distribution of all policies. Employees thus receive documents that are relevant to them. This is a fundamental condition for working in compliance with directives and preventing infringements.
  • If an employee disregards guidelines, consciously or unconsciously, it is important that you can prove the implementation of your compliance measures. The software also helps you in this case, as the system documents your work and archives it in an audit-proof manner.
  • Identifying and assessing compliance risks and managing them with appropriate countermeasures and recurring controls is an essential CMS component. For this, otris compliance provides a process-controlled approach and supports you in the structured processing of risk analysis results.


In addition to prevention and support in case of damage, otris compliance helps you to work more efficiently. Processes that you define when the system is created increase the efficiency of your compliance work. Users are guided by the given workflows and can concentrate fully on their subject-specific issues. This is not only more cost-effective, it also reduces the error rate of a complex compliance organization enormously. Simplify your responsibility in setting up and maintaining company-wide compliance management with otris compliance. The software establishes firm compliance structures in your company. Once integrated into the existing software environment, the system helps you with the future-proof installation of a company-wide compliance management system.

to product page

otris privacy

Control your data protection management with software for data protection ...

to product page

otris contract

Box - Vertragsmanagement

You will gain full control over the life cycle of all your contracts ...

to product page

otris corporate

Beteiligungsmanagement-Software otris corporate

You will gain a group-wide overview of all the information in your corporate group ...

Online demonstration registration

By submitting the contact form, you agree that the data voluntarily provided by you, and in particular your personal data, may be used to process your request. You can revoke this consent at any time. Further information can be found in our privacy policy. On request, you can receive it by email (send requests to:

Your representative:

Thomas Bong
Telephone +49 (231) 958069 50