Information security management is in demand wherever the work of a wide range of participants is intertwined. Be it in networked value and supply chains or in digital information management in the cloud. With the help of processes and guidelines, a company permanently manages and controls its own information security. Possible security risks become transparent and thus controllable. The IT and data protection experts at dhpg will be happy to advise you when it comes to developing, introducing or optimising the right information security management for you. ISO 27001 certification can follow seamlessly, but is not mandatory for every industry. Feel free to contact us.
Together with you, we develop an information security management system for your organisation. A solution that gives you the security of being well positioned, having arranged everything that is necessary, but still does not create any bureaucratic hurdles. With dhpg at your side, you will have absolute transparency at every point of the process and can rely on timely and on-budget implementation.
We have many years of extensive project experience in setting up information security management systems. With our best-practice approaches, methods and experience, we build on the processes and structures already in place in your company.
You would like to keep "the door to certification" open? Or are you obliged to be certified due to your performance? No problem. We design the processes of an information security management system so that you can start certification at any time
As part of an audit, legal and tax consultancy, IT information security is part of our DNA. With dhpg at your side, you can be sure to meet legal requirements and compliance at all times.
Would you like a personal consultation? We would be happy to arrange a non-binding appointment with you to get to know us. We look forward to your call or e-mail and to meeting you.
An information security management system aims to identify and analyse an organisation's IT risks and make them controllable through appropriate measures. There are various approaches via ISO/IEC 27001 or BSI Grundschutz - dhpg will be happy to advise you on both. Be it in the analysis of the current situation, the conception of the information security management system suitable for you and its documentation, or on the way to a possible certification. We are happy to support you beyond the introduction of information security management, for example when it comes to its further development or revision. As part of an audit, tax and legal consultancy, we always keep an eye on all associated compliance and governance requirements.
The pandemic has clearly shown how ramified our supply and service relationships are today. Data is exchanged digitally using a wide variety of players and systems. Against this background, it is important for a company to be aware of its own IT infrastructure, IT applications and processes. This is to avoid the risk of IT systems failing or being damaged, or of data protection requirements not being met. An information security management system makes all this transparent. The company is put in a position to strengthen its own infrastructure and avert possible damage to the organisation.
The information security management of a company determines:
The data protection officer in the company ensures that the requirements of the GDPR are complied with and thus that personal data are specially protected. Information security management does not give personal data a special position in principle. Information security management and data protection should work closely together, as the two topics are closely linked and should not act in isolation from each other.
dhpg operates a Security Operations Centre with the TÜV TRUST IT group of companies TÜV AUSTRIA. The SOC as a Service monitors the client's IT systems for possible cyber attacks and protects them against possible production downtimes, data loss, image damage, etc. and the associated financial risks. A combination of automatic detection and the use of expert knowledge ensures the fastest possible detection of various attack scenarios. If an active threat to a company's infrastructure is detected, the measures contractually agreed with the customer come into effect immediately.
The connection to a Cyber Security Operations Centre is a sensible component of a functioning information security management system. Statistics show that malicious codes are in the company for more than half a year before they are discovered. A SOCaaS can support you in detecting attackers who have already bypassed the firewall and virus scanner earlier and avert damage.
For more info, visit www.csoc.de.
An information security management system defines the technical and organisational IT security measures of a company. It regulates procedures and processes for implementing and controlling information security in the company. dhpg offers companies the development, introduction and optimisation of an information security management system according to the specifications of ISO 27001 and those of the BSI basic protection. We would be happy to accompany you on the way to certification if you wish to do so or are obliged to do so due to your industry affiliation.