Compaas – Compliance as a Service
Menu

About Compaas

Compliance as a Service for mid-market companies – pragmatic, personal, and with a dedicated point of contact.

Known until 2025 as Lorenz Security

Compaas is a consultancy for information security, cybersecurity, and IT compliance. The offering is aimed specifically at mid-market companies that must meet growing regulatory and security requirements – without having to build extensive internal structures.

  • Self-employed since 2010
  • Certified ISO 27001 auditor since 2019
  • Software development and compliance from a single source
About Compaas

Background & expertise

Christian Lorenz – Founder of Compaas

Christian Lorenz

Founder & primary contact

Compaas combines technical expertise with pragmatic compliance consulting – personal service with a dedicated point of contact.

Compaas builds on many years of experience in software development and compliance consulting. Christian Lorenz started in the late 1990s with his first own web applications – that is where programming began. Since then, demanding, complex web applications have always been the focus. He has been self-employed since 2010, initially in software development and soon thereafter in the compliance topics that Compaas covers today.

Compaas has supported a large number of clients across a wide range of industries – with a focus on the mid-market companies the offering is designed for.

Since 2019, Christian Lorenz has been a certified ISO 27001 auditor. Compaas therefore combines consulting and audit perspectives – pragmatically and without unnecessary bureaucracy.

Industry experience

AutomotiveMechanical engineeringConstructionRetailTax advisory / auditingElectronicsMetal fabricationFoodHospitalitySocial enterprises and associations

"Compaas aims to relieve organisations so they can focus on their core business – with measures that actually work in day-to-day operations."

— Compaas

The challenge

Standards, laws, and customer requirements are becoming more complex. At the same time, qualified specialists in information security and compliance are hard to find and retain. Building internal capability costs time, money, and distracts from core business.

The Compaas solution

With Compliance as a Service, Compaas assumes specialist responsibility as an external partner: from gap analysis through pragmatic implementation to audit and certification support. Maximum effectiveness and efficiency – cost-effective and without unnecessary bureaucracy.

Our approach

1

Pragmatic, not theoretical

measures that work

2

Efficient, not overloaded

lean processes, clear priorities

3

Standards-compliant, not fear-based

serious and transparent

4

Personal and partnership-oriented

Compaas understands mid-market companies

Who we serve

For companies that want to implement or further develop ISO 27001, GDPR, whistleblower protection, CRA, defence requirements, the EU AI Act, CMMC, ISO 62443, or comparable standards – with a partner who thinks along and delivers.

What Compaas offers you

  • Personal intro call – no obligation
  • One dedicated point of contact at Compaas
  • Response typically within 24 hours
  • Practical approach, not standard slide decks
ISO 27001Data Protection (GDPR)Whistleblower ProtectionCyber Resilience Act (CRA)VS-NfD / ITAREU AI ActCMMCISO 62443

Ready for the next step?

Get to know Compaas – personal, non-binding, and tailored to your situation.

View services Get in touch