Security Management
Risk evaluation and management

Not only technical failures or human errors but also targeted attacks can cause irreparable damage in both the private and public sectors. It is clearer today than ever that it is not sufficient for each user simply to protect their own information with high-tech solutions such as firewalls or virus scanners. The basic principle underlying the BSI Standard on Information Security reads: »Practical experience has shown that optimizing information security management frequently improves information security more effectively and lastingly than investing in security technology«. In order to guarantee an adequate level of security, the resources and processes of an organisation must be considered in an holistic approach and taken into account in its security concepts. This approach ensures that the information security management is properly aligned to the business processes and supports the achievement of the information security targets. We offer
- Guidance for planning and designing appropriate information security management concepts that are according to an established set of standards
- Support for the development and evaluation of policies, the evaluation of assets, and the implementation of measures
- Conceptual design and implementation of an incident and business continuity management system
- Audits for evaluating safety levels
- Implementation of indicator systems to control the performance of the information management system
- Planning and realization of training programs and awareness campaigns tailored to specific target groups