We provide advice on the setup and operation of management systems for information security, business continuity, data protection and quality management. Our consulting approach is based on internationally recognised standards such as:
- ISO/IEC 27001 – Information technology – IT security procedures – Information security management systems – Requirements
- ISO 22301 – Security and protection of the community – Business continuity management system – Requirements
- ISO/IEC 27018 – Information technology security procedures – Application rule for protecting personal data (PII) in public clouds acting as PII processors
- ISO/IEC TR 27019 – Information technology security procedures – Guide for the information security management of energy supply control systems based on ISO/IEC 27002
- IT security catalogue of the Federal Network Agency in line with Paragraph 11 Section 1 of the EnWG Energy Economy Law
- ISO 9001 – Quality management system – Requirements
- EU-DSGVO – EU General Data Protection Regulation
Our personally certified advisors and accredited and authorised auditors follow recognised best-practice approaches to solution-oriented and customer-specific implementation.
Our tailored security concepts are based on the analysis of risks and possible attack and damage scenarios. Security concepts support you in achieving a specific level of protection with economically appropriate methods.
Across industries, we create and implement security concepts for applications, IT infrastructures and data centres. Among other things, this covers:
- IT security concepts
- Management manuals
- Emergency manuals
- Alarm cards
We offer security analyses and examinations as both standalone and supporting services in the following areas of focus:
- Audits (ISMS, critical infrastructures, data centres)
- Risk analyses
- Penetration tests (web applications, networks, critical infrastructures)
Our advisors are also accredited auditors at DAkkS-accredited certification authorities.