Who we are
We are a flexible and interdisciplinary team consisting of experienced senior consultants, dedicated juniors, technical IT security experts and a network of long-standing, specialized partners who complement our expertise in the project business. Our team has more than 50 members with the goal to incorporate security into your company holistically.
We share our experience and know-how in various publications, lectures, research projects and specialist groups. To name just a few examples: We are a founding member of the CAST Forum, a partner of ATHENE and are involved in various ISACA specialist groups.
Dr. Christian Schwartz
“Our clients’ security is the focus of my daily work. Together with them I develop information security strategies, define long-term goals and accompany the harmonization with new financial regulatory requirements. However, I also help with operative tasks where necessary.”
“My work with our clients is characterized by many years of trust and mutual appreciation. The introduction and implementation of complex information security management systems (ISMS) are my core competencies.”
“Guidelines that adhere to compliance requirements while still being practical play an increasingly important role today. The documentation requires know-how and time – in addition to their day-to-day business, this task poses a major challenge to many companies. I’m glad that I’m able to provide hands-on support with that.”
“I accompany companies in their day-to-day business and help them improve the security of their processual, organizational and technical structures. My work is varied and interesting, no day is like the other. That’s challenging and I enjoy it a lot.”
“In order to organize ISMS processes in companies more efficiently, I help with the introduction of suitable tools. For example, workflows for protection needs assessments and security assessments can be automated. Furthermore, I advise our customers on the topic of risk management. I enjoy finding a suitable solution even for the most complex contexts.”
“I feel most at home where technology meets compliance. ISO 27001, BAIT, MaRisk and a growing number of new regulations present companies with ever new challenges with regard to their IT organization and documentation. My motivation is to implement these in an efficient and practical way.”
“I support companies in achieving and maintaining their ISO 27001 certification. The phases of planning, implementation, review and improvement must interlock perfectly. This is why it is always a pleasure to share with my clients the joy of being awarded for the first time or maintain a certificate.”
Dr. Richard Grewe
"In addition to a structured, professional onboarding program for our new colleagues, we continuously invest in our continuing education and the achievement of internationally recognized certifications."
What matters to us
Security Consulting is about processes, technology and people and can therefore never be a standardized service. Getting to know our clients and their individual situation and help them directly and pragmatically – that’s what drives us.
What we offer
Our consultants bring several years of experience in relevant information security projects. In addition to experience in finance, we have industry expertise in tourism and retail. Our expertise in information security is rounded off with project management know-how.