Information security

You want to review whether your company-wide risk management considers business critical information appropriately, completely and effectively. You want to examine whether the implemented safeguards balance the confidentiality, integrity and availability of information according to the requirements of your business. You want to know whether information security is rooted in your business processes and in your employees' minds appropriately, completely and effectively. You want to review whether your procedures to detect and treat security events and incidents as well as to monitor, review and improve information security are appropriate, complete and effective.

Our offer

• Examine the information security policy or deduce it from the business objectives
• Review or improve the identification, analysis, evaluation and treatment of information security risks
• Examine the availability of information and the information flux in the business processes
• Review or improve the rooting of information security safeguards in the business processes
• Review or improve the procedures to measure the effectiveness of security measures
• Assess the information security awareness of personnel
• Review or improve the management of and the responsibilities for information security
• Review or improve the procedures to detect security events and to react to security incidents, including reporting
• Review or improve monitoring and reviewing procedures to recognize process errors, security violations and incidents as well as organizational and technical problems
• Review or improve technical and physical safeguards
• Review or improve the quality and control of documents and records
• Prepare and coach the ISO/IEC 27001 certification