|
The business processes of modern companies depend to a great extent on their information processing systems functioning well. Faults and disturbances, and in particular breaches of information security, can have a devastating effect on a business.
Achieving security for your corporate information, and then adapting your security system dynamically to meet your changing needs, mean that the issues of confidentiality, integrity and availability have to be managed in a sustainable way. At the practical level, precisely formulated policies, sharply defined roles and a clearly defined method for handling risks are some of the tried and tested factors which guarantee that your security system can always supply what you require of it.
Our integrated approach to security (whether for an industrial company, service provider or public administration body), offered under the name TÜViT Enterprise Security, offers a modular system of analytical services which can be perfectly adapted to your requirements. The system is in particular based on the following:
- the series of standards ISO 27000 ff., based on the presently published standards ISO 27001 and ISO 27002 as well as
- IT-Grundschutz procedure (BSI Standard 100).
|
In addition, we offer professional support of your security projects, and also performance of security audits and assessments under the leadership of our TÜV and BSI-licensed ISO 27001 and ISMS auditors:
- Analytical support to establish compliance with standards
- Informative events, seminars and workshops
- Preparation for auditing and certification
- Security checks, assessments and effectiveness analyses
- Auditing according to ISO 27001
- Auditing according to ISO 27001 on the basis of BSI Standard 100
In particular, we can show you alternative methods of linking the above standards with further requirements such as Basel II, Sarbanes-Oxley Act, COBIT, ITIL etc.
|
