IT-Security Certifications

by ISO/IEC 27001 and BSI basic-protection

Information Technology as a Risk?

Persons in charge of a company as a whole or it´s IT tend to answering that question basically positive. Information technology (IT) long affects all areas of business and society. Growing chances come up with growing risk. Data of ever-growing needs to protection are entrusted to information technology. To sufficiently minimize the corresponding risk of using information technology, security-related functionalities must be part of a modern management-approach.

Liability of the Persons in Charge

Moreover, the persons in charge for the company and it´s IT, as a consequence of the presence of multiple legislation are not only facing liability within the company, but also from a legal point of view. Here, it is important to understand that managing staff may be held liable by their private assets. In extreme cases, they may even be held liable by criminal prosecution in their capacity of a legal representative of the company.

Of course, you have already implemented comprehensive IT-security measures in your company- but is that already sufficient? The crucial point is the non-binding character of an internal system of regulations towards public authorities.

A state-renowned ITS-Certificate may help

It is not just about complying with legal requirements, but moreover about transparency and controllability of the corporate organization. That especially includes safety in information-processing and a well working HR-management.

The ability to provide evidence on IT-security in the company towards third parties and by a renowned certification does more and more become of relevance and provides for an indispensable base of trust within the customer-supplier-partner network of relations, e.g. in the fields e-business and e-commerce. Being able to provide evidence for an adequate and consistent level of protection to third parties is a reasonable intent. Besides that, legal provisions such as the act on control and transparency in the corporate sphere (KonTraG) or the Basel-II-rating-regime – concerning the company´s loan-worthiness- do explicitly state a demand for an operational risk-management.

Certification by BSI-standards (ISI/IEC 27001) 

ISMS (ISO/ IEC 27001) 

TÜV-Certification (German Association for Technical Inspection)

Get in touch with us!

Contact us

If you are interested or have any questions regarding
our services, please do not hesitate to contact us.
Use our contact form or one of the options given below.