For a ServiceNow consultancy, that is more than a footnote. Rynex builds exactly what companies need to get through an audit with as little stress as possible: mapping control frameworks, keeping evidence clean and audit-proof, managing risk proactively instead of reactively. For its own audit, the company then sits on the other side of the table. The same controls, the same documentation, the same external review - only this time it was Rynex itself under examination.

Each side sharpens the other.

The technological core is ServiceNow Integrated Risk Management (IRM). What Rynex implements for its clients is also in use in-house - and delivers direct, hands-on proof that the approach holds up. What was still entirely new at the first certification last year has since become a fixed part of the daily work.

Guiding this year's audit hands-on was Karina Naumann, Senior Project Manager at Rynex and Product Owner for ServiceNow IRM. With 14 years of experience in compliance, she knows both perspectives - writing the policies as well as putting them into operation in the tool. Her takeaway on the dual role: "Each side sharpens the other."

And yes: there was some sweating during our own audit too, a few minor findings included. Part of the deal.