From 0 to 100 – for companies that take security seriously.
- Establishment of a simple information security management system (ISMS), e.g. based on the self-made ISMS, ISO 27001 or TISAX
- Risk analysis / protection requirements assessment / SoA (Statement of Applicability)
- Introduction of organisational measures (e.g. roles, responsibilities, emergency management)
- Creation of documentation for ISMS guidelines and processes
- Conducting internal audits with GAP analysis of the target state
- If necessary: corrective measures and improvements
