IT Security Management
With the increasing digitalization of business processes, the number of cyber attacks and internal fraud attempts is rising. Against this background, IT security is existential for every company. We support you in setting up an efficient security management system. You benefit from our many years of industry expertise in conjunction with the application of the best-practice approach to IT security.
Aside from the competent handling of the recommendations from the BSI IT Baseline Protection Compendium (German: IT-Grundschutz-Kompendium) and NIST Special Publication 800, we contribute our knowledge gained from certifications on IT security (ISO/IEC 2700x). This makes us the right partner for meeting BaFin requirements such as supervisory requirements for IT in financial institutions (BAIT) and the supervisory requirements for IT in insurance companies (VAIT).
You also benefit from our specialist knowledge regarding the implementation of the European General Data Protection Regulation (EU GDPR). In this context we support you in the technical implementation of deadlines relating to the retention and deletion of personal data. In particular, Article 5 in conjunction with Article 32 of the EU GDPR aims to ensure that personal data is processed in conformity with the law, e.g. the targeted logging of read or write access.
In the roles of project manager or business analyst, we support you holistically in your projects on strengthening corporate security from requirements analysis all the way through to implementation.
Requirements analysis – we determine the current and target state, advise you on solution approaches and record them in the requirements specification.
Technical and DP concepts – in coordination with relevant business and IT areas, we create the necessary concepts and documentation. Here, the project documentation generally includes detailed specifications, operating manuals or data processing concepts. With regard to IT security, we provide you with support for creating or revising security-relevant documents such as authorization concepts, disaster recovery plans, data protection check lists and IT security concepts.
Implementation – we support your implementation of standard or custom solutions. We also adapt the required processes to your (ITIL) standard and can train your staff if required.
Our consultants combine methodological and specialist competencies with a passion to overcome complex challenges. It is our aim to jointly develop innovative strategies to increase your company’s security.