About our Team

ABOUT US: TECHNOLOGY CHANGES ⇨ STANDARDS REMAIN!

Every year the­re are new trends in IT ope­ra­ti­ons: off­s­ho­ring, mobi­li­ty, out­sour­cing, cli­ent com­pu­ting, social media, the cloud, Big Data, Indus­try 4.0, IoT, and many more. Lar­ge parts of net­work­ed sys­tem intel­li­gence alre­a­dy resi­de in the cloud. Com­pli­ance pres­su­res are moun­ting over us both intern­al­ly and externally.

Never befo­re have IT depart­ments had to face such ser­vice diver­si­fi­ca­ti­on from the many new tech­no­lo­gies. The num­ber of sys­tems to be audi­ted is incre­asing­ly incre­asing in recent years with the gro­wing intel­li­gence of IoT devices. The incre­asing num­ber of net­work­ed IT sys­tems also expo­nen­ti­al­ly increa­ses the attack sur­face for cyber­crime attacks.

Our role as consultants

The task we face every day as IT con­sul­tants is to anti­ci­pa­te the rapidly chan­ging IT trends and their busi­ness requi­re­ments by iden­ti­fy­ing and addres­sing the poten­ti­al risks in a struc­tu­red way. In doing so, we sup­port our cli­ents in iden­ti­fy­ing and app­ly­ing the sta­te of the art. The use of estab­lished stan­dards such as ISO 27001, IEC 62443 and the BSI basic pro­tec­tion cata­logs as well as many other spe­ci­fic gui­des such as OWASP for web appli­ca­ti­ons are reco­gni­zed as sta­te of the art and their use faci­li­ta­tes the defi­ni­ti­on of appro­pria­te measures.

From the auditor’s perspective

As soon as we have an IT sys­tem or an IT pro­cess on the test bench, we do not see it as our task to look for “cul­prits”, but check the sys­tems for devia­ti­ons from the tar­get sta­te or the sta­te of the art. In 70% of the cases the tar­get sta­te is not suf­fi­ci­ent­ly defi­ned, then we help to crea­te clear guidelines.

ABOUT US: AUDITORS ARE ALWAYS POPULAR…