Our services at a glance
IT Security-
consulting
Highest security requirements, especially for KRITIS companies, are guaranteed by the implementation of an ISMS according to ISO 27001. We are happy to contribute our profound experience to accompany you in this process.
Data protection-
consultation
With the introduction of the EU General Data Protection Regulation, there are new and stricter laws that apply to companies of all sizes. Build on our experience in data protection and bring your operations into compliance with the EU GDPR as well as the German Federal Data Protection Act (BDSG neu).
data protection meets 27001
In 2019, the new ISO/IEC 27701 was published, which, closely based on ISO/IEC 27001 (ISMS), deals with the establishment of a Privacy Information Management System (PIMS). This is where the two previously separate areas of data protection and information security come together. We were the first to qualify for this.
As a certified IT security consultancy combined with over 25 years of experience, we provide you with comprehensive advice on all IT security issues and work with you to set up an Information Security Management System (ISMS) so that you are prepared for future attacks. Crypto Trojans quickly lose their terror if you know which preventive measures to take. Don't hesitate: the comparatively small investment in your IT security is worth it in any case.
Cyber security is not a brake on innovation, but a guarantor of innovation.
- Setup and application of an ISMS according to ISO 27001
- Creation of an effective IT security policy
- Creation of IT policies
- Asset Management
- Conducting the risk analysis according to ISO 27005
- Measurement of security according to ISO 27004
- Preparation of a Statement of Applicability (SoA)
- Compliance Management
- Awareness-Plans
- Business Continuity Management (BCM) incl. Incident Management in terms of ITIL
- IT Grundschutz nach BSI (for Germany only)
Key topics of the EU-GDPR:
- Directory of processing activities (Art. 30 GDPR)
- Order processing (Art. 28 GDPR)
- Privacy by Design and by Default (Art. 25 GDPR)
- Privacy Impact Assessment (PIA), DSFA (Art. 35 GDPR)
- Information obligations (Art. 13, 14 GDPR)
- Technical and organizational measures, TOM (Art. 32 GDPR)
- Meldepflichten (Art. 33 GDPR)
- Betroffenenrechte (Art. 15, 17, 20 GDPR)
Our service is designed for companies of all sizes and industries. We offer you an all-round carefree package that includes the following elements:
- Information workshop with as-is analysis of your processes and data processing
- Development of a roadmap with recommendations for action and corresponding templates
- Realization and implementation of the relevant processes and documents
- Carrying out a risk analysis with PIA or self-developed tool
- Advice to the management on all topics of the GDPR and the BDSG (new)
- Training for your employees
- Appointment of an external data protection officer if required