ISMS / ISO 27001 Consulting

Conception and Establishment

Today, the security of information is an elementary prerequisite for the success of a company, since information is a component of almost all transactions of a company. A holistic approach to the management of information security is necessary.

A so-called information security management system defines the rules and methods for a holistic business and IT security management in order to initiate procedures for information security, to implement concrete measures, to monitor them and to improve them continuously.

Maximilian Müller
Managing Consultant

"The way to get started is typically through an ISMS scope workshop or gap analysis. These workshops at the beginning are important to better estimate the scope and effort of an ISMS implementation project."

Our Consulting Offer

We advise and support you in the conception and establishment of an information security management system based on ISO 27001. The introduction of the ISMS is based on process-, organization- and technology-related security measures, which include the entire company (or the defined scope) and start from the company management according to the top-down approach

Depending on the customer’s needs, our services include an internal audit, a conception of the necessary organizational structure, a definition of the processes and the creation of necessary documentation. The ideal preparation for a successful certification.


Information Security Management

We advise you on the initial introduction of an ISMS and support you in the implementation of concrete measures.

1. Definition of the relevant ISMS processes based on best practices, adapted to your company

2. Support of the 1st and 2nd Line-of-Defence, e.g. in the creation of guidelines or selection of measures

3. Verification of the implementation of defined requirements within the framework of control activities

4. Identification of improvement potentials and implementation of measures for the continuous improvement of the ISMS

Setting Up and Maintaining Your ISMS

Whether you are just starting out or have already implemented initial measures, we will support you in every phase with our experienced consultants in the field of information security management systems. Our services include:

Definition of relevant ISMS processes based on best practices, adapted to your company.


Support in the creation of guidelines or selection of measures.

ISMS Definition

Execution of risk analyses and protection needs assessments.

Verification of the implementation of defined guidelines in the context of control actions.

ISMS Pflege

Identification of improvement potentials and implementation of measures for continuous improvement of the ISMS.

Performance of internal audits.

"Whether your company is still at the very beginning or has already implemented initial measures, I will accompany you in every phase in the area of information security management systems. I am pleased to be able to support you here in a very concrete way with my expertise."

Ester Widera
Senior Consultant

Operation of your ISMS – Virtual ISO

With usd's Virtual Information Security Office you receive customized and efficient support in managing your information security.

Based on your regulatory requirements and industry best practice standards, we provide you with the appropriate organization and services. With an appointed Information Security Officer on our side or as a pure Security Office with supporting services for your own ISO organization. The focus is on the strategic development of information security as well as the further development and improvement of the information security management system. This means that you do not have to build up the necessary know-how yourself our team brings along bundled cyber security expertise and up-to-date qualifications.

Andreas Borgwart
Managing Consultant

"With our Virtual ISO, an entire team of highly qualified security experts supports you right away - with a dedicated contact person for you. We look forward to supporting you with our years of experience in ISMS projects."

Internal Audit According to ISO 27001

With an internal audit according to ISO 27001 we check the maturity level of your ISMS – as preparation and prerequisite for your successful certification.

Unsere Beraterinnen und Berater

Our Consultants

Our experts are a flexible and interdisciplinary team consisting of experienced managing consultants, senior consultants and dedicated juniors.



Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Contact form


Felix Schmidt
usd Team Lead Sales
Security Consulting