Suppliers in the automotive industry are required to implement TISAX® (Trusted Information Security Assessment Exchange). We are specialists for consulting around the introduction of a management system based on the TISAX® standard of the VDA. We contribute our expertise as lecturers for the TÜV-SÜD Academy, among others.
With the EU DSGVO, data protection has become an important issue for companies. If you have already established other management systems, e.g. according to ISO 9001 or ISO 27001, it is comparatively easy to extend the scope of data protection or ISO 27701. We can show you how you can leverage synergies here and contribute our practical experience.
All standards and management systems introduced in the company can only be successful if both managers and employees know what they are allowed to do and what they have to pay attention to. We are happy to assist you in this respect by means of training or targeted awareness measures.
IT security and cyber-security are usually quite unpopular topics. Nevertheless, implemented standards such as ISO 27001 protect against potentially enormous IT damages. With the right guidance, the introduction of such management systems is not too painful. We have the expertise and practical experience to set up simple, pragmatic and at the same time effective solutions.
A certified management system according to ISO 9001 offers an organization clarity and transparency with regard to roles and tasks as well as company processes. The underlying continuous improvement process enables the company to work constantly on itself to meet the changes in the working environment. We help you to establish such a management system with pragmatic approaches.
Nowadays, modern software solutions increasingly use cloud services. To address information security in this context, the German Federal Office for Information Security (BSI) has drafted the C5 criteria catalog (Cloud Computing Compliance Criteria Catalogue), which defines the minimum requirements for secure cloud computing. We help you implement the C5 standard for your cloud services.
The world of information security consists of both processes and technical solutions. If you want to know how good your technical protection is against external attacks, let us take care of it! Whether IT architecture analysis, vulnerability analysis or penetration testing, our technical experts are leaders in their field.
An ICS, e.g. in accordance with ISAE 3402, offers a whole range of advantages that are initially not obvious to entrepreneurs and owners: Fulfilment of legal requirements regarding protection of investors and creditors, as well as reduction of litigation risks, protection of assets and prevention of manipulation possibilities. We advise you on the introduction of an ICS, whereby we place great value on common sense and a sensible risk assessment.