Consulting on ISO 27001 & TISAX

‘We need IT security – but please don't make it complicated.’
Does that sound familiar?

With over 10 years of practical experience and certified implementation skills, we know how to make IT security understandable, implementable and effective – and not let it degenerate into a bureaucratic monster.

Basic protection

For SMEs without existing structured security measures.

  • Brief analysis of the current IT security situation (actual status)
  • Introduction to the basics of information security
  • Recommendations for ‘quick wins’ (e.g. password policy, software updates, backup strategy)
  • Preparation of a report with a to-do list and recommended measures

ISO 27001/TISAX – ISMS review & management assessment

Assessment of the effectiveness and relevance of the existing ISMS based on the requirements of the ISO 27001 and TISAX standards.

  • Analysis of the current status and effectiveness of the ISMS
  • Plausibility in the context of the organisation
  • Review of the progress of any measures, of security incidents and risks, and of existing improvement plans
  • Resource assessment (staff, budget, tools)
  • Assessment of the management of suppliers and service providers with regard to information security
  • Derivation of improvement measures and strategic recommendations
  • Preparation of a compact management assessment report to document the results

ISMS complete package

From 0 to 100 – for companies that take security seriously.

  • Establishment of a simple information security management system (ISMS), e.g. based on Selfmade ISMS, ISO 27001 or TISAX
  • Risk analysis / protection requirements assessment / SoA (Statement of Applicability)
  • Introduction of organisational measures (e.g. roles, responsibilities, emergency management)
  • Creation of documentation for ISMS guidelines and processes
  • Conducting internal audits with a gap analysis against the target state
  • If necessary: corrective measures and improvements

We speak not only the language of standards – but also yours

What you can expect from us:

  • Team with technical background knowledge
  • Experience in IT security, compliance and industry-specific standards
  • Support with documentation and internal communication
  • Preparation for audits and sustainable integration within the company

How we can help you

Typical challenges faced by our customers:

‘We don't have the resources for a large-scale project.’

‘We don't know what's really important.’

‘We need a solution that fits into our everyday routine.’

Good news: that's exactly what we offer.

  • Gap analysis & status check – Where are you today – what is realistically achievable?
  • Pragmatic project planning – implementation in stages, adapted to your capacities
  • Tailor-made ISMS documentation – precisely tailored policies, processes and evidence
  • Preparation for audits / customer enquiries – Practical, transparent and audit-proof
  • TISAX-specific requirements – Special features of the automotive industry? We know them.
Arrange a free initial consultation now

Testimonials

"I think the content of the book and its structure are really good. Something like this would have been a great help to me when we were getting certified back then.
Otherwise, you don't know where to start or what to expect, and you're faced with a huge mountain of problems.
Your step-by-step explanation is very useful."

Elisabeth, IT employee

“Finally, a solution that works for us! Selfmade ISMS helped us build our IT security in a structured way without any external effort. The templates are worth their weight in gold—and the book explains everything so clearly that even our CEO was immediately on board.”

Claudia M., IT representative at a medium-sized mechanical engineering company in North Rhine-Westphalia

CONTACT

Please feel free to contact us for further discussion. We look forward to hearing from you.

Email ✉ info [at] cysole.com
