MENU
  1. Services
  2. Information Security Management
  3. ISMS for the Energy Industry

Grid operators will need to have their information security management system (ISMS) certified by January 31, 2018. In order to ensure that a certification can be effected within the stipulated deadline, the ISMS rollout should be completed a few months beforehand, since internal audits have to be carried out. With only a few exceptions, all grid operators are affected by the security requirements of the IT Security Catalogue.

 

Current implementation status

Our experience from the past few months has shown that many grid operators are not very far advanced yet with the introduction of their ISMS according to ISO 27001, taking into account ISO 27019. Some of the reasons for this are a tight planning, the complex nature of the ISMS introduction regarding the special requirements placed on grid operators, the identification of potential threats and risks or a lack of resources.

Support through TÜViT

You have already started the rollout of your ISMS and you would like to determine the current status of its implementation:

  • we will be pleased to carry out a gap analysis that takes into account ISO 27019. This will provide you with an assessment of the maturity level of your ISMS with respect to the forthcoming ISO 27001 certification, including measures to identify any gaps.

You have not yet started the rollout of your ISMS:

  • we can provide you with support in the form of workshops when you will begin to set up your ISMS
  • we will advise and support you in setting up and implementing your ISMS on the basis of a specifically developed process model which takes into account (among other things) the field of application, the protection requirements assessment, the preparation of a grid structure plan, the compilation of documents and the setting-up of processes
  • we will also help you with the consolidation of documents and processes from other standard specifications such as quality management
  • we can provide you with support with the evaluation and assessment of risks associated with information security using risk assessments

Your benefits at a glance

  • extensive experience in the field of ISO 27001: TÜViT has successfully carried out more than 600 ISMS projects – also among energy suppliers and grid operators
  • our auditors have an additional qualification for the energy sector
  • our IT security experts are registered as (lead) auditors for ISO 27001, certified by the BSI as audit team leaders for ISO 27001 on the basis of the “BSI IT-Grundschutz” standard and as IS auditors
  • our IT security experts help to develop the Technical Guideline TR-03109 for the Smart Meter Gateway and are authorized by the BSI to work as auditors for TR-03109

We will assist and advise you during all implementation phases of your ISMS.

Tobias Kippert

Product Manager Enterprise Security

+49 201 8999-546
Fax: +49 201 8999-666

t.kippert@tuvit.de

Gerald Krebs

Sales Manager

+49 201 8999-411
Fax: +49 201 8999-666

g.krebs@tuvit.de

Appointment Request

Further services

ISO 27001

As a certified IT security service provider by the German Federal Office of Information Security (BSI), TÜViT supports companies and public authorities with the planning, implementation, monitoring and continuous improvement of their information security management system.
Weiterlesen

IT-Grundschutz

With a certification under ISO 27001 based on the “BSI IT-Grundschutz” standard, you show your customers and business partners the importance you associate with IT security, since the level of your information security fulfills the requirements of the BSI.
Read more
In order to provide you with a pleasant online experience, we use cookies on our website. By expressing your consent at tuev-nord.de you agree to the use of cookies. Further information, e.g. how you can object to the use of cookies at any time, can be found in our cookie guidelines and data protection settings.