Implementation of ISO/IEC 27001 & preparation for the audit of a media group
ISO 27001 | Audit
CHALLENGE
Information security requirements are becoming more and more extensive for companies. Be it to get accredited as a supplier, to prove that you manage your assets responsibly or to reduce the risks and impact of a cyber attack. Our client decided to implement an ISO 27001 ISMS and have it certified.
SOLUTION
Together with the management of our client, scope and objectives were defined. Protection requirements and a GAP analysis were conducted with the departments.
Afterwards an action plan was defined and the necessary risk analysis was performed. The implementation of the measures was carried out by our customer and accompanied by us. After the implementation of the measures, we conducted an internal audit as preparation for the certification.
SUCCESS
With the ISO 27001 certification, the customer was able to acquire new projects and thus increase its turnover.
We continue to support the customer in training courses and regularly audit the implemented management system.
Implementation of TISAX®/VDA-ISA & preparation for the audit of a media group
TISAX®/VDA-ISA | Audit
CHALLENGE
In order to be able to accept projects from customers in the automotive industry and to guarantee security at the highest level, our customer decided to get certified according to TISAX®/VDA-ISA.
SOLUTION
Our customer had already implemented an ISMS according to ISO 27001. As a supplier to the automotive industry, he was also required to obtain a TISAX® Level 3 label (very high protection level).
The necessary extension of the scope was defined with the customer’s management, and the existing ISMS was extended according to TISAX® requirements with the specialist departments.
After implementing the measures, we conducted an internal audit in preparation for certification.
SUCCESS
After successful certification, our customer was able to acquire several large projects with international automotive groups.
We continue to support the customer in training courses and regularly audit the implemented management system.