SERVICES

INFORMATION SECURITY

Comprehensive protection of your data held in the company.

General Information

These days, every company must face the risk of cyber attacks, data theft and other security risks. Such attacks are designed to severely impede business processes and can lead to tremendous trust issues with customers and business partners. Efficient information security management is therefore indispensable for long-term business success. As information security and data protection specialists, we are your expert partner in this area.

What is information security?

Due to the increasing digitalization of business processes and digital business models, information security is now an essential factor for any successful business endeavor. Strictly speaking, it encompasses not only data protection, which is geared to protecting personal information, but also the protection of the company’s entire data and IT systems. Cyber attacks may present an existential threat for companies since they entail high losses in turnover, costs and loss of reputation.

Information security management according to DIN ISO 27001

DIN ISO 27001 is the globally recognized standard for information security management. It consists of a comprehensive collection of recognised methods and procedures – i.e., best practices – for securing information and IT systems. At the same time, it offers flexible scaling options for specific applications such as cloud services, telecommunications services or outsourcing IT processes.

DIN ISO 27001 ensures all-around protection for your information. It is designed primarily to realize three basic protection objectives, which may be looked on as the pillars of information security: confidentiality, integrity and availability of data and systems. Applying them to corporate information security enables a comprehensive approach involving both technical security standards and organizational measures. Setting up an IT security system on this basis serves as an underlying condition for a corresponding certification.

In addition to the possibility of certification according to DIN ISO 27001 by corresponding accredited bodies, the German Federal Office for Information Security (BSI), for example, offers BSI Grundschutz (basic protection) certification for this purpose. In this context, BSI standards 200-1 and 200-2 formulate the methodological requirements for an information security management system (ISMS). The best possible solution would be to combine the BSI Grundschutz certification with a GDPR data protection certification.

Let us show you what we can do for your company’s information security

As experts in information security and data protection, we will cover all matters that are important for reliable and efficient information security management of your company. This includes:

Information Security

Services

Consulting

We support information security organization and IT Security ISO 27001

Risk analysis

We analyze and evaluate the existing risks in your company

GAP analysis

We will identify the gaps that exist in your company.

Checklists

Developing customized company checklists

Guideline preparation

Guideline preparation for your information security management system

Implementation

Implementing and establishing an ISMS according to ISO 27001

Certification

Preparing and supporting your certification

Support

Ongoing consulting and support in all issues around information security and data protection

COST BREAKDOWN FOR

ISO 27001 Certification

The costs of an ISO 27001 certification depend on the extent and the scope of the ISMS to be certified, on the number of IT services and IT locations, on the risk potential of the company, on the degree of networking with external service providers and suppliers, as well as on the complexity of the IT processes to be certified. The same criteria apply to our consulting rates.

We will be happy to clarify all other points in a non-binding consultation focusing on your company-specific requirements for reliable information security, your requirements for our involvement and, of course, matters of cost.