• DE
  • Main Menue

ISMS according to ISO/IEC 27001:2005

Even in your company or organization there is information, that has to be protected against misuse, loss, exposure, destruction and manipulation. Apart from personal data also business and company secrets have to be taken into account. The confidentiality, availability and integrity of these information are of important significance, also in the interest of clients, business partners and employees. Therefore more and more companies and organizations count the protection of information as an integral part of business politics and an indispensable factor of success.

The international standard ISO/IEC 27001:2005

A proven opportunity to initiate, process, monitor, check and last but not least improve actions for information security, is the establishment of an Information Security Management System (ISMS) on the basis of the international standard ISO/IEC 27001:2005. This management system can be run beside existing management systems, for example systems according to ISO 14001 or ISO/IEC 20000, and make information security measurable and comparable at a later stage.

With us as a partner: Change from being driven to being a driver

For us it makes no difference wether your company or organization “just” wants to go along according to standard ISO/IEC 27001:2005 or if you strive after a certification of your company and therefore a strict usage of the standard. We provide customized solutions for your needs, which lay the foundation for an active dealing with risks in the area of information security.

Our basic analysis provides you for example the current status of your security level. Using controlled interviews the subjects organization, risk management, emergency management, sensitizing of employees, physical security, IT-service-management, IT-security and complicance will be analysed. The evaluation takes place in a report that uses graphics and provides suggestions for action for improving your security level. Our basic analysis of information security can be excellently combined with technical security analysis (penetration test) to detect beside organizational improvement potentials also technical weaknesses.

With our information security check according to ISO/IEC 27001:2005 we provide an assessment of the Information Security Management System (ISMS) as well as a review of the implementation of the goals of action and actions from annex A to our clients, who strive after a certification according to this standard or already have implemented this.  Here we work modular, which means that we are able to provide both parts of the information security check independently from each other and if needed also particularly.

Contact

Get directly into contact with our specialist division.

Contact form

Download

Factsheet Security Management