BSI IT Baseline Protection

The introduction of an information security management system (ISMS) based on IT-Grundschutz establishes measures that provide optimized protection for your company’s or public institution’s information in terms of confidentiality, integrity and availability. It follows the IT-Grundschutz methodology of the German Federal Office for Information Security (BSI).

We support you in setting up an ISMS in accordance with ISO 27001 based on the BSI IT-Grundschutz.

 

Kick-off:

  • Introduction meeting to define goals and expectations
  • Definition of scopes
  • Definition of the protection methodology

Implementation of the ISMS according to ISO 27001 based on BSI IT-Grundschutz:

  • Organisation of the security process
  • Structural analysis
  • Assessment of protection requirements
  • Modelling
  • IT-Grundschutz check
  • Risk analysis
  • Realisation of the security concept
  • Maintaining the security concept

 

Your Benefits

  • Comprehensive evaluation of the relevant processes and documents by experts with many years of experience
  • Effective increase of information security in your company
  • Low resource commitment
  • Protection of the defined information network according to the state of the art based on IT-Grundschutz
  • Proof of protection against information security threats to customers, partners and insurance companies

The introduction of an information security management system (ISMS) based on IT-Grundschutz establishes measures that protect the information of your company or public organisation in terms of confidentiality, integrity and availability. Here, the methodology of the IT-Grundschutz of the German Federal Office for Information Security (BSI) is used.

Even if you do not currently operate an ISMS, we can support you with our gap analysis to identify the most important issues concerning your information security. Our gap analysis in accordance with BSI IT-Grundschutz offers you a comprehensive assessment of your information security practices. The aim is to identify possible gaps between the current security measures and the recommended standards. We proceed as follows:

 

Kick-off

  • Introductory meeting to define the objectives and expectations
  • Definition of a scope of application

 

Identification of the current status

  • Analysis of your existing IT security documentation and processes via interviews with responsible employees
  • Examination of security guidelines, procedures and documentation and comparison with BSI requirements
  • Determination of the maturity level of existing ISMS processes and the associated measures
  • If necessary, checking the implementation of technical security measures in systems and infrastructure
  • Assessment of the completeness and appropriateness of existing measures and processes

Reporting and recommendations for further steps

  • Detailed report on the conducted gap analysis
  • Prioritised recommendations for measures to close identified gaps
  • Approaches for optimising the ISMS or security process
  • Recommendations for training measures to increase the information security competence

Feedback and final meeting

  • Presentation of the analysis results and recommendations
  • Clarification of open questions and discussion of possible next steps

 

Your Benefits

  • Comprehensive assessment of the relevant processes and documents by experts with many years of experience
  • Knowledge of the maturity level of your ISMS processes and the associated measures
  • Low resource commitment
  • Final report on problem areas, open issues and recommendations for further action
  • Ideal basis for setting up an ISMS