Lausitz Energie Kraftwerge AG

Lausitz Energie Kraftwerke AG is among the operators of critical infrastructures (CRITIS).

As an operator for energy plants, the company must meet the requirements of the IT Security Act and the IT Security Catalogue. Lausitz Energie Kraftwerke AG is part of the LEAG Group.

The project to introduce the ISMS has laid an important foundation stone for the secure operation of the power plants and for implementing the legal requirements. The main objective of the project was to establish an appropriate, effective and standard-compliant ISMS. The implementation of the ISMS takes into account the standards DIN ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC TR 27019 for industry-specific specifications in the power generation sector.

The introduction of the ISMS is based on the individual initial situation, organisation and requirements of the client and includes the following activities, among others:

  • Creation of an information security policy
  • Development, establishment and description of the required ISMS processes including the management of information security risks and management reporting
  • Supporting the establishment of the information security organisation
  • Creation of an information security and ISMS framework
  • Sensitisation and training of the employees involved
  • Carrying out risk assessment and treatment
  • Support in the implementation of audits
  • Creation of the network structure plan
  • Support in the operation of the ISMS