Maturity-based compliance model
The ICT industry is characterized by dynamic change. Companies need to constantly update their core business, tap into potential in growth markets, realize innovative business ideas, and open up new business fields. As a result, Deutsche Telekom Group companies that have to tackle these challenges are extremely varied. Depending on the business model, size, and risk situation, these companies need different compliance management solutions.
That is why we have created a toolkit for maturity-based compliance. The purpose of the toolkit is to define compliance management system requirements at the different Group companies, taking their economic development, business strategies, and risks into account. We classified the companies based on their current life cycle phase (from start-up to market leader) and their specific compliance risks in a matrix. In addition, we defined five clusters along with minimum standards for each aspect of the compliance management system. For example, we determined which compliance policies need to be implemented by our subsidiaries, how often the subsidiaries need to participate in the compliance risk assessment, and how often they need to submit a compliance report.