Audits & Analysis
Security analyses
Gap analyses, benchmarks or maturity audits are based on secunet best practices, government and industry standards, customer-specific requirements, our decades of auditing experience and our knowledge of the state of the art in a wide range of sectors.
We define individual focal points on request - entirely according to the needs of our customers.
Audit preparation and monitoring of a certification audit
Organisations preparing for the certification of a management system are faced with a multitude of tasks. In particular, the initial certification audit often poses a special challenge. Maintaining a certification on the other hand requires regular surveillance and recertification audits.
With this in mind, secunet offers support for audit preparation and audit defense.
In doing so, we prepare organisations and the relevant stakeholders for the audit situation and provide support in compiling the documents and records. We conduct training sessions in which the audit process is simulated and any "pitfalls" can be practiced or discussed. We are also happy to provide support during the audit and in the follow-up to audits.
Implementation of 1st and 2nd-party audits
secunet carries out 1st party audits ("internal audits") and 2nd party audits ("supplier audits") in accordance with the requirements for management systems.
Each audit carried out by secunet is based on defined process steps.
The tests are carried out in accordance with the respective underlying standards:
- ISO/IEC 27001 for information security management systems
- BSI Standard 200-2 for information security management systems based on ISO 27001
- IT security catalogs in accordance with § 11 1a and 1b for energy plants and transportation
- Industry-specific security standards (B3S) for numerous KRITIS sectors
- ISO 22301 for business continuity management systems
- IEC 62443 for the area of industrial plants, process networks and control systems
We offer a special form of analysis with the cybersecurity situation report, which combines various forms of analysis. It covers the information, IT and OT security of an organisation.
![](/fileadmin/user_upload/01_Seitencontent/Produkt-_und_Serviceseiten/ISMS/2021-04-22_13_29_25-secunet_Lagebild_Cyber_Security.pdf_-_Adobe_Acrobat_Pro_DC__32-bit_.png)
Cybersecurity situation
If you have any questions, please send us an inquiry via the contact form. We are happy to help.