We advise and support you in the following areas:

The systematic detection and assessment of all risks is a vital prerequisite for consistently taking appropriate - which also means financially viable - measures. Systematic risk management improves your security level, reduces your risks and ensures that compliance requirements are met.


We advise our customers regarding the applicable requirements such as internal control systems, data privacy, national legislation and regulations for business records management (IKS, DSG, EU GDPR, PCI DSS, FINMA etc.). InfoGuard helps you to implement the wide-ranging requirements arising from compliance in an optimal way and operate them efficiently. We support you in analysing and implementing security measures according to ISO 27001 and 27002 so that there is continual assurance that legal requirements are consistently being complied with.

We advise and support you in the following areas:

  • Formulation of a security strategy aligned to corporate governance
  • GAP analysis in terms of regulations, guidelines and directives
  • Advice and support in formulating a security policy and the associated user guidelines and directives
  • Implementation of a systematic compliance management system
  • Implementation of data privacy regulations that conform to the law
  • Provision of support for an efficiently run information security management tool (HiScout)


The HiScout ISMS module is geared toward meeting the requirements of the international standards ISO 27001/27002, and provides a reliable basis for the information management system’s control loop. HiScout not only focuses on the documentation of output, but also supports users through the automation and standardization of complex and distributed security processes in daily operations.

HiScout supports you in the following areas:

  • Collection and evaluation of all assets in the scope
  • IT risk management related to security objectives and selectable threat and vulnerability catalogs
  • Assessment based on aspects of the threat, vulnerabilities and response levels
  • Complete mapping of the audit (and self-assessment) process (from planning to addressing the findings) with users free to manage the tested requirements as they wish
  • Centralized monitoring of actions (process support, evaluation of implementation statuses and origin for management purposes, assessment of impending actions)
  • Procedural mapping of security considerations and action to be taken
  • Practice-related mapping and cross-references between your specific requirements, e.g. ISO/IEC 27001/2, COBIT, BSI IT baseline protection, NIST Cyber Security Framework


Do you want to improve your security by establishing an information security management system (ISMS) in accordance with ISO 27001 or optimise your existing ISMS? Our experienced and certified ISO 27001 lead auditors will support you in your efforts to obtain ISO 27001 certification and the ePrivacy label and fulfil PCI DSS requirements.

We advise and support you in the following areas:

  • Construction and roll-out of your information security management system based on ISO 27001
  • (Re-)certification based on ISO 27001
  • Implementation of a risk analysis based on ISO 27005
  • Development of your ISMS based on ISO 27001
  • Auditing of your ISMS based on ISO 27001
  • Construction and roll-out of a data security management system based on the data privacy law
  • Provision of support for an efficiently run information security management system using a field-tested HiScout tool including a data privacy module