CONSULTING: COMPLIANCE IN INFORMATION SECURITY

In com­pa­ri­son to the IT-audit, which aims for a target/performance com­pa­ri­son, the future or neces­sa­ry tar­get sta­te is defi­ned in con­sul­ting. This defi­ned tar­get sta­te can enable cus­to­mers to car­ry out an IT audit in the future and iden­ti­fy cor­re­spon­ding deviations.

An exam­p­le of a con­sul­ting acti­vi­ty is the deve­lo­p­ment of bin­ding secu­ri­ty poli­ci­es (man­da­to­ry ins­truc­tions), pro­ce­du­res (defi­ned pro­ce­du­res) and gui­de­lines (non-bin­ding recom­men­da­ti­ons for action). Sup­port in defi­ning the „sta­te of the art“ for an area of appli­ca­ti­on, e.g. cryp­to­gra­phy, also falls within the scope of clas­sic secu­ri­ty consulting.

Secu­ri­ty con­sul­ting also includes the imple­men­ta­ti­on of secu­ri­ty awa­re­ness pro­grams and the trai­ning of employees.

Broad ran­ge of con­sul­ting services

SEC4YOU offers infor­ma­ti­on secu­ri­ty con­sul­ting in the fol­lo­wing are­as, among others:

YOUR ADVANTAGES

  • Resour­ce-saving exter­nal consulting

 

  • Per­son­nel sup­port for exis­ting teams

 

  • Com­pe­tence in all pro­ject phases

 

  • High level of expe­ri­ence with com­plex ISO 27001 issues

 

  • Opti­mal coope­ra­ti­on with the cer­ti­fi­ca­ti­on com­pa­ny due to many years of expe­ri­ence as IT auditor