Consulting on Information Security

We offer specialized services for pragmatic and efficient information security management, particularly in cybersecurity, SaaS, and cloud security domains.

Our objective is to assist you in establishing the necessary security level, optimizing your processes, and conserving valuable time and resources.

With our support, you will enhance your security knowledge in the long run, resulting in innovative and adaptable security processes and solutions meticulously tailored to your specific requirements.

Featured Frameworks

Stay up to date with the latest technology and save time with our practical recommendations for implementation, e.g. the following tried and tested safety standards:

ISO 27001

ISO 27001

A globally recognized ISO standard for information security management systems (ISMS). ISO 27001 specifies the conditions that an ISMS must fulfill in order to adequately protect information.


Security standards of the German Federal Office for Information Security (BSI) for establishing an information security management system (ISMS) with implementation instructions

MaRisk & BAIT

German framework conditions for financial companies, consisting of minimum requirements for risk management (MaRisk) and sector-specific supervisory requirements for information technology (BAIT)


The Open Web Application Security Project (OWASP) supports secure software development through resources such as the Top 10 Risks, ASVS and SAMM to prevent security vulnerabilities and increase the quality of applications

Project experience (insights)

Our clients often secure valuable information and need to implement security standards across the company, but face a shortage of staff and experience. We support them with a wide range of services, from workshops to direct collaboration, in order to overcome these challenges effectively.

ISO 27001 Certification for Secure Deployment and Hosting of Azure Applications in a Microsoft Azure Cloud Environment

ISO 27001
Microsoft Azure
The objective was to implement a certifiable Information Security Management System (ISMS) aligned with ISO 27001:2022. We formulated guidelines, processes, and work tools, conducted quality assessments, and performed protection requirements and risk analyses. We are pleased to announce that the ISO 27001 certification was successfully achieved

Secure Software Development for a Credit Card Banking App

ISO 27001
Sicherer IT-Betrieb (SITB)
MaRisk & BAIT
Our services included providing guidance and support in implementing processes to ensure compliance requirements for the development of a credit card banking app on behalf of a reputable software manufacturer working with a direct bank. This encompassed adhering to the guidelines and regulations outlined in MaRisk, BAIT, and PCI-DSS. Additionally, we conducted comprehensive risk analyses and offered coaching services to the involved teams.

Providing guidance and technical support for the implementation of BAIT requirements, which includes conducting an internal audit for a financial services provider.

ISO 27001
MaRisk & BAIT
We conducted internal audits focussing on BAIT requirements. The audit was developed together with the client. The identified suggestions for improvement were then implemented with our help, including risk assessment, protection needs analysis and the development of security guidelines.

Conducting an internal audit for secure software development lifecycles

ISO 27001
BSI IT-Grundschutz
Conducting an internal audit for secure software development cycles. Our services include conducting an internal audit with a focus on ISO 27001 and BSI IT-Grundschutz. We draw up an audit plan in close consultation with the client, accompany and conduct the internal audit and prepare an audit report with recommendations for action. We also supported the implementation of BAIT requirements, including the development of guidelines and the implementation of protection needs analyses and IT risk assessments.

Creation of an industry-specific safety standard (B3S) for medical inpatient care in hospitals

ISO 27001
ISO 27799
B3S Hospital
§ 8a BSIG
Advising Deutsche Krankenhausgesellschaft e.V. on the creation of an industry-specific security standard (B3S) in the healthcare sector to fulfill the requirements of the IT-SiG (KRITIS environment).

Contact us for your secure digital future

Feel free to contact us to share your thoughts and questions or to learn more about our solutions. We value your feedback as we work together to create a safer digital future.