Audits
- Examinations according to §8a (3) BSI Act
Under the IT Security Act, KRITIS companies are obliged to secure their systems in accordance with the current state of the art and to provide proof of this to the Federal Office for Information Security (BSI) every two years. This requires an audit by an independent testing agency. TÜV TRUST IT supports you as a test centre competently in carrying out tests according to §8a BSI law.
Your Benefits
- Independent, impartial and neutral audit performance
- Proven competence of the audit team through further training with regard to audit competence in accordance with § 8a BSIG
- Many years of cross-industry experience in information security
- Reduced audit effort in the company (e.g. no use of internal audit or other internal independent auditors)
- As a certified IT security service provider, TÜV TRUST IT is subject to permanent monitoring by the BSI
- Internal ISMS audit / first party audit
Internal ISMS audits are an elementary component of the ISMS to check and validate the effectiveness and appropriate implementation of processes, measures, guidelines and requirements for applicable standards and regulations.
They are also a basic precondition for achieving an ISO 27001 certification.
Our experts analyse and evaluate your ISMS according to a standardised procedure. During this process, we identify deviations and reveal potential for continuous improvement. The results are then made available to you as evidence in a formal audit report.
Your Benefits
- Comprehensive analysis of your ISMS processes, measures and guidelines
- Understandable assessment of the maturity level of your ISMS
- Audit report with deviations and recommended measures as proof for a (re)certification audit
- Evaluation and assessment by independent experts from TÜV TRUST IT
- TÜV TRUST IT’s many years of audit experience and comprehensive expertise
- Continuous improvement of your ISMS