Reto Steinmann
Head of Consulting

Information security and an ISMS for optimal protection of your information and data

Information security is the assurance of the confidentiality, availability and integrity of information, regardless of how it is represented and stored, and of information processing systems. Information is thereby protected from loss, falsification and unwanted disclosure.

With well thought-out information security, you protect your information in the best way possible. At the same time, you also demonstrate your sense of responsibility and your duty of care. This will be noticed – by your customers, employees, suppliers, stakeholders, etc. Especially if you have your company certified according to the international standard ISO 27001. Transparency and security create trust and have a positive impact on your reputation.


Information security management system ISMS

Step by step towards information security

An effective information security management system (ISMS) in accordance with ISO/IEC 27001 protects your information in a risk-based and sustainable manner. We support you in setting up an ISMS – in a practical, structured manner tailored to your company’s individual needs.

Our ISMS project approach: Three steps to success

  1. ISMS gap analysis – Where do you stand?
  2. Setting up and implementing your ISMS – Structured and integrated
  3. Certification – We get you ready for certification

Setting up an ISMS is also very beneficial without certification!

Compliance

We support you in implementing legal and regulatory requirements on your path to compliance, for example for:

  • Information Security Act
  • Federal Social Insurance Office: Guidelines on information security and data protection audits
  • DPCO
  • DORA
  • NIS-2
  • FINMA circulars on risk management, governance and resilience

With a status assessment or gap analysis, we determine where you currently stand and support you according to your requirements and at your pace until the respective requirements are implemented.

Audits and assessments

We offer comprehensive audit services for information security standards and compliance (legal and regulatory requirements).

We assist you from planning and conducting audits to the final report – with clear analyses, concrete recommendations for action and active support during implementation. This enables you to create transparency, reduce risks and meet regulatory requirements in a sustainable manner.


ICT minimum standards

The federal government’s ICT minimum standards aim to strengthen cybersecurity and the resilience of critical infrastructures.

We support operators of critical infrastructures and other affected organizations in introducing, implementing, and sustainably embedding these minimum standards.

Information Security Act

Good things come to those who wait? For the new Information Security Act (Informationssicherheitsgesetz, ISG), we offer:

  • Consulting on whether and in what form the law could affect your organisation.
  • Consulting with affected companies on the implementation of the requirements.

ISDP concepts

A solid ISDP concept (information security and data protection) provides the basis for the secure and legally compliant operation of IT systems and the processing of information (including personal data). We provide comprehensive support in the creation and implementation of such concepts – from the analysis of protection requirements and risks to the documentation of technical, organisational and legal measures and their sustainable integration into operations.




© Swiss Infosec AG 2025