Commugen launches KRITIS and RKEG compliance automation platform

By AI, Created 11:03 AM UTC, May 20, 2026, /AGP/ – Commugen on April 30 said it has launched an end-to-end automation platform for KRITIS in Germany and RKEG in Austria, aimed at helping critical infrastructure organizations cut manual cyber GRC work and stay audit-ready. The company says the system is designed to support organizations facing tighter cybersecurity rules, faster enforcement timelines and rising audit demands across Europe.

Why it matters: - KRITIS and RKEG are tightening cybersecurity obligations for critical infrastructure and essential entities in Germany and Austria. - Commugen is targeting organizations that need continuous compliance, not periodic spreadsheet-based reviews. - The platform is designed to reduce manual work across risk, policy, vendor, remediation and audit processes.

What happened: - Commugen announced an end-to-end KRITIS and RKEG compliance automation solution on April 30, 2026. - The launch covers Germany and Austria. - Commugen says the platform is the world’s first out-of-the-box system built specifically for KRITIS and RKEG compliance automation. - The company also posted a social link: Commugen on LinkedIn.

The details: - The platform is built on Commugen’s Cyber GRC automation platform and uses specialized AI GRC agents. - The system automates the compliance lifecycle, including risk management, policy management, vendor risk assessments, mitigation planning, reporting and audit readiness. - The platform provides a unified control framework that maps KRITIS, RKEG, NIS2, ISO 27001, NIST and other cybersecurity frameworks into one system. - Automated cyber risk management continuously identifies, assesses and prioritizes risks across assets, systems and business processes. - Commugen’s AI Policy Generator turns security controls into version-controlled, traceable policies aligned with frameworks such as ISO 27001, NIS2 and NIST. - Vendor questionnaires are analyzed with AI Evidence Analysis to flag gaps, inconsistencies and outdated certifications. - The company says that vendor risk work can be reduced by up to 70%. - AI Mitigation Advisor generates step-by-step remediation plans with tasks, owners, deadlines and traceability. - Reporting and dashboards support KRITIS audits, RKEG audits, NIS2 reporting and executive oversight. - The platform uses a no-code architecture so organizations can customize workflows, controls and reporting structures. - Commugen says the platform also supports DORA, SOC 2, GDPR, cyber resilience frameworks, cyber risk quantification and broader cyber governance programs. - The company says it is trusted by Fortune 500 companies and more than 150 enterprises worldwide, including customers in banking, pharmaceuticals, telecommunications and critical infrastructure.

Between the lines: - The launch reflects a shift from point-in-time compliance projects to continuous compliance operations. - KRITIS and RKEG both create pressure for stronger evidence collection, faster remediation and more consistent audit documentation. - A single platform that covers multiple frameworks may appeal to organizations dealing with overlapping EU and global rules.

What’s next: - Enforcement timelines are accelerating across 2025 and 2026, raising urgency for affected organizations. - Companies in regulated sectors such as banking, telecommunications, healthcare, manufacturing and energy will likely keep investing in compliance automation. - Commugen is positioning the platform as an enterprise-ready option for organizations looking to centralize cyber GRC work across multiple regulatory regimes.

The bottom line: - Commugen is betting that the next phase of cyber compliance in Europe will be automated, continuous and multi-framework by default.