ISMS / ISO 27001 Consulting
Conception and Establishment
Today, the security of information is an elementary prerequisite for the success of a company, since information is a component of almost all transactions of a company. A holistic approach to the management of information security is necessary.
A so-called information security management system defines the rules and methods for a holistic business and IT security management in order to initiate procedures for information security, to implement concrete measures, to monitor them and to improve them continuously.
“The way to get started is typically through an ISMS scope workshop or gap analysis. These workshops at the beginning are important to better estimate the scope and effort of an ISMS implementation project.”
Our Consulting Offer
We advise and support you in the conception and establishment of an information security management system based on ISO 27001. The introduction of the ISMS is based on process-, organization- and technology-related security measures, which include the entire company (or the defined scope) and start from the company management according to the top-down approach
Depending on the customer’s needs, our services include an internal audit, a conception of the necessary organizational structure, a definition of the processes and the creation of necessary documentation. The ideal preparation for a successful certification.
Information Security Management
We advise you on the initial introduction of an ISMS and support you in the implementation of concrete measures.
1. Definition of the relevant ISMS processes based on best practices, adapted to your company
2. Support of the 1st and 2nd Line-of-Defence, e.g. in the creation of guidelines or selection of measures
3. Verification of the implementation of defined requirements within the framework of control activities
4. Identification of improvement potentials and implementation of measures for the continuous improvement of the ISMS
Setting Up and Maintaining Your ISMS
Whether you are just starting out or have already implemented initial measures, we will support you in every phase with our experienced consultants in the field of information security management systems. Our services include:
Definition of relevant ISMS processes based on best practices, adapted to your company.
Support in the creation of guidelines or selection of measures.
Execution of risk analyses and protection needs assessments.
Verification of the implementation of defined guidelines in the context of control actions.
Identification of improvement potentials and implementation of measures for continuous improvement of the ISMS.
Performance of internal audits.
“Whether your company is still at the very beginning or has already implemented initial measures, I will accompany you in every phase in the area of information security management systems. I am pleased to be able to support you here in a very concrete way with my expertise.”
Operation of your ISMS – Virtual ISO
With usd’s Virtual Information Security Office you receive customized and efficient support in managing your information security.
Based on your regulatory requirements and industry best practice standards, we provide you with the appropriate organization and services. With an appointed Information Security Officer on our side or as a pure Security Office with supporting services for your own ISO organization. The focus is on the strategic development of information security as well as the further development and improvement of the information security management system. This means that you do not have to build up the necessary know-how yourself – our team brings along bundled cyber security expertise and up-to-date qualifications.
“With our Virtual ISO, an entire team of highly qualified security experts supports you right away – with a dedicated contact person for you. We look forward to supporting you with our years of experience in ISMS projects.”