Improve security by uncovering vulnerabilities through audits and assessments!
We conduct audits and assessments in the areas of organisation, technology, law, infrastructure and people.
We use audit methods such as the analysis of existing requirements and documentation, personal questioning (interviews), inspections, observations of work carried out, sampling and technical system checks (e.g. penetration tests, cloud security assessments, configuration and hardening checks).We base our measurements on internationally recognised standards such as ISO 19011, ISO 27001/ISO 27002, ISO 27701, ISO 22301 or the NIST Cyber Security Framework. Our specialists also use other recognised specifications and frameworks for audits and assessments, such as the FONES ICT minimum standard, the FINMA circulars, COBIT, PCI DSS, OWASP or CIS Controls.
Head of Consulting