Information Security Management

A modular system for protection of sensitive data

Sensitive information is processed electronically to an increasing extent in every organisation and requires special protection. We support you in setting up a reliable information security management system (ISMS) according to IT-Grundschutz (IT baseline protection) and ISO/IEC 27001.

Advantages at a glance


With many years of experience, our IT security consultants, accredited auditors and auditors support you in achieving your specific security goals.


Our brief revision gives you a comprehensive overview of the current status of your information security and supports you in the next steps.


We enable certification according to ISO/IEC 27001 on the basis of IT-Grundschutz. With this recognized certificate, you can prove a functioning ISMS and thus have one of the most valuable security seals in Germany.


An ISMS can only function if employees are appropriately sensitized to information security. For this purpose, we also conduct trainings as well as events for your selected target groups.

15,000 consultant days within the last 5 years within the public sector

Details on beneficial aspects of the ISMS

Step 1 of 5
Step 1
Step 2 of 5
Step 2
Step 3 of 5
Step 3
Step 4 of 5
Step 4
Step 5 of 5
Step 5

ISO/IEC 27001 certifications based on IT-Grundschutz have a term of up to three years. After that, re-certification takes place. To ensure that you continue to be certified, we support you during the annual surveillance audits. For this purpose, we accompany you at an early stage in the planning and handling of changes in the certification network and support you in eliminating identified deficiencies.

An ISMS can only function if employees are appropriately trained or sensitized to the topic of information security. To this end, we also conduct training courses and events for your selected target groups - whether for new or all employees, managers, administrators or IT specialists. In addition, we offer the conception and implementation of further awareness measures: Our tools range from awareness flyers and concepts to creative topic immersion and live hacking shows.

Security concepts are an essential basis for defining, prioritizing and implementing security requirements for systems or processes. Thus, they are a crucial part of an ISMS. Not only IT-based values are considered: A security concept sets security goals for an environment, which are derived from the risks and the protection needs of the information. We then develop appropriate measures to achieve these goals. A security concept can also cover only parts of the IT infrastructure.

We support you both in the creation of generalized security concepts for your entire IT landscape and in the development of system- or application-specific detailed concepts. The basis for this is the IT-Grundschutz methodology of the BSI.

Risk management
Awareness events
Live Hacking Shows
Contact request
Do you still have questions about information security management?
Do you still have questions about information security management?

Send us an inquiry via the contact form. We will be happy to help.

Site 1