Governance consulting
IT governance is the anchor and basis of your security architecture and measures. It is an important component of corporate management and, with normative IT security, it creates the prerequisites and a regulatory framework for IT to perfectly support the company’s goals.
NIS2 and the IT-Sicherheitsgesetz 2.0 in particular require suitable technical and organisational IT security measures. You can see here whether your company is affected.
We help you to answer the question of what IT can and must contribute toward the success of the company.
-
Risk management
ISMS, BSI IT Grundschutz, NIST
-
Compliance
NIS2, DORA, KRITIS, IT-SiG 2.0, ISO 27001, PCI, MaRisk, BAIT, VAIT
-
Data protection & privacy
General Data Protection Regulation (EU) (GDPR), Europäische Datenschutz-Grundverordnung DSGVO
NIS2 checklist and solutions
-
Risk Analysis
NIS2 requires the implementation of risk analysis and security concepts for all information systems.
Risk management
No room for compromises
As IT systems are becoming more and more complicated and are generally prone to error or contain errors by design, this results in numerous threat scenarios with high risks for all companies.
Risk assessments play a fundamental role in meeting the relevant requirements by law or by your company’s specific industry. We assist you with risk management in accordance with ISO 31000:2018 in operating functional and streamlined risk management, or we perform it on your behalf.
Compliance
Effective security expertise
Legal requirements change on a regular basis. Harmonizing profitability, modern data backups and IT security is hard to achieve? This is one of the most common misconceptions. The basic requirements for confidentiality, availability and integrity have always remained. But the technologies and the processes change.
Together with our certified consultants, we help you to keep on top of the various requirements like NIS2, DORA, BAIT, VAIT, KRITIS, B3S and ISO 27001, and assist with the introduction of new technologies, including the adaptation of business processes.
Data protection
Legal and data security for your company
Countless provisions and directives relevant to data protection come from the German Federal Data Protection Act (BDSG) and the EU-GDPR (EU General Data Protection Regulation). Legislators threaten those that do not comply with these provisions with severe fines. However, a data protection concept which leads to specific data protection measures offers initial relief and prevents the worst from happening. We help you produce tailor-made data protection concepts and construct a DSMS, or we create the concepts for you completely as your data protection officer.
Our consultants are fully up to speed with the BDSG and EU-GDPR from years of experience and TÜV certifications. Our experts swiftly develop a concept to protect your data or provide advice on changes in your company. As an external data protection partner, we reduce your risk.
Your contact
Joscha Sternadel
Portfolio Manager
phone: +49 431 3993-775
mobile: +49 162 2130358
e-mail: sternadel@consist.de