For us it makes no difference wether your company or organization “just” wants to go along according to standard ISO/IEC 27001:2005 or if you strive after a certification of your company and therefore a strict usage of the standard. We provide customized solutions for your needs, which lay the foundation for an active dealing with risks in the area of information security.
Our basic analysis provides you for example the current status of your security level. Using controlled interviews the subjects organization, risk management, emergency management, sensitizing of employees, physical security, IT-service-management, IT-security and complicance will be analysed. The evaluation takes place in a report that uses graphics and provides suggestions for action for improving your security level. Our basic analysis of information security can be excellently combined with technical security analysis (penetration test) to detect beside organizational improvement potentials also technical weaknesses.
With our information security check according to ISO/IEC 27001:2005 we provide an assessment of the Information Security Management System (ISMS) as well as a review of the implementation of the goals of action and actions from annex A to our clients, who strive after a certification according to this standard or already have implemented this. Here we work modular, which means that we are able to provide both parts of the information security check independently from each other and if needed also particularly.