ISMS / ISO 27001 Consulting
Conception and Establishment
Today, the security of information is an elementary prerequisite for the success of a company, since information is a component of almost all transactions of a company. A holistic approach to the management of information security is necessary.
An information security management system (ISMS) defines the rules and methods for holistic business and IT security management in order to initiate procedures for information security, to implement concrete measures, to monitor them and to improve them continuously.
We advise and support you in the conception and establishment of an information security management system based on ISO 27001. The introduction of the ISMS is based on process-, organization- and technology-related security measures, which cover the entire company (or the defined scope) and start from company management, following the top-down approach.
Depending on the customer’s needs, our services include an internal audit, a conception of the necessary organizational structure, a definition of the processes and the creation of necessary documentation. This is the ideal preparation for a successful certification.
Information security management
We advise you on the initial introduction of an ISMS and support you in the implementation of concrete measures.
1. Definition of the relevant ISMS processes based on best practices, adapted to your company.
2. Support for the 1st and 2nd lines of defence, e.g. in the creation of guidelines or selection of measures.
3. Verification of the implementation of defined requirements within the framework of control activities.
4. Identification of potential improvements and implementation of measures for the continuous improvement of the ISMS.
Setting up and maintaining your ISMS
Whether you are just starting out or have already implemented initial measures, we will support you in every phase with our experienced consultants in the field of information security management systems. Our services include:
Definition of relevant ISMS processes based on best practices, adapted to your company.
Support in the creation of guidelines or selection of measures.
Execution of risk analyses and protection needs assessments.
Verification of the implementation of defined guidelines in the context of control actions.
Identification of potential improvements and implementation of measures for continuous improvement of the ISMS.
Performance of internal audits.
Internal audit according to ISO 27001
With an internal audit according to ISO/IEC 27001:2013, we check the maturity level of your ISMS – as preparation and prerequisite for your successful certification.