It is not a question of whether an attack will take place, but when.

Your partners for information security

We guide you through the complex requirements of ISO 27001, EnWG and NIS2 - with a clear system, tried-and-tested templates and personalised support. The result is an information security management system (ISMS) that is not only certifiable, but also works in practice.

Windbranchentag Schleswig-Holstein

Meet us at the Wind Industry Day in Husum!

We will be at the Schleswig-Holstein Wind Industry Day in Husum on 15 May. Come along, get to know our team and talk to us about current topics relating to wind energy and IT security. We look forward to your visit!

What is an ISMS?

An ISMS is a management system that consists of a framework of well-defined processes, procedures and management practices used to systematically manage an organisation’s sensitive data and asset.

Definition
ISMS = Information Security Management System

Our Services

Advice & Support

Our experienced consultants are able to support you in all areas of ISO27001.

Implementation

ISecM is able to carry out your ISO27001 implementation using our proven methods and processes.

GRC Software Solutions

ISecM offers a professional and easy to use GRC (Governance, Risk & Compliance) administration solution.

Managed Services

We offer managed services to give you a 'Peace of Mind' wherever you are.

Our Mission

As ISO/IEC 27001 experts, we at ISecM not only provide you with information security management tools, processes and procedures, but also ensure that they integrate seamlessly into your day-to-day business. In most cases, you won’t even realise they exist.

In addition, we customise our managed services solution to your organisation to make the day-to-day operation of your information security management system easier. This allows you to focus on what you do best and we take care of the rest. Because our goal is to provide you with solutions that give you peace of mind.

What our customers say.

Our experience with ISecM has been excellent. The company has provided us with a comprehensive solution that fits our organisation perfectly. The management tools, policies and processes are easy to use and maintain. The solution is flexible and customisable so that we always comply with current standards. The implementation project was carried out in a professional and customer-orientated manner. We are very satisfied with ISecM and can recommend them as a trustworthy implementation partner for a pragmatic ISMS.

We have had a great journey with ISecM. They completely replaced our previous management system within 9 months. ISecM introduced a full ISMS solution for us, put it into operation and accompanied us through the external certification process. The guidelines portal and the ACC management tool are simply great. It was also very important for us to realise the solution completely in German. We can recommend ISecM without reservation.

The ISecM experts' critical look at our project-related internal control system revealed potential for optimisation, which we are using to drive forward our continuous improvement process. It is thanks to the expertise of the two auditors that we are once again taking the Senacor project one step further in the context of a financial services provider. Constantly scrutinising our operational processes and the associated control mechanisms enables us to improve tirelessly for the benefit of our customers.

Thanks to the operational support of ISecM GmbH, our information security was supported pragmatically and purposefully during a personnel transition phase. Thanks to their expertise and experience from other companies, the experts at ISecM GmbH were valuable sources of ideas that helped us make significant progress in optimising our resilience. This applies to the areas of sensitisation, IT security and IT risk management as well as operational risk management as a whole. We would like to thank ISecM GmbH for their lasting support.

As an active member of the German Wind Energy Association (Bundesverband WindEnergie e.V.), we know the requirements and challenges of the industry inside out – and are helping to shape the secure future of wind energy.

Our promise for a smooth implementation of ISO27001:2022

Trust

We have many years experience; we will do the right thing and have your interests at heart. It means behaving consistently and, in a manner, where you feel confident in our actions.

Learning

We are a learning organisation; we hunt new and better ways to solve problems; we are active listeners helping us better to understand and learn about your day-to-day needs.

Integrity

For ISecM integrity means we value transparency and honesty, we are dedicated to do what is best for our customers.

Quality

Quality comes first. Our tools, approaches and process have built-in quality: we prioritise dependability and it is important for us to deliver high levels of service and performance.

Interesting metrics and facts

ISecM is a young company with a big heart. Founded by two partners: Holger Schrader and Robert Ritchie.
Together, we have an invaluable amount of interdisciplinary industry experience – that’s why our approaches and solutions are so innovative and unique!

Our customers

Banks, finance, critical infrastructure

Our customers

Banks, finance, critical infrastructure

30+

Years of experience

100%

Customer satisfaction

FAQ for ISO27001:2022 implementation

What is your ISO27001 implementation concept based on?

As accredited PECB ISO/IEC 27001 Lead Implementors, our senior consultants have the necessary expertise to support you in the implementation of information security management systems. ISecM’s approach is based on the PECB implementation process, which we have expanded into an easy-to-understand implementation plan based on our experience. In addition, for KRITIS (critical infrastructures) we orientate ourselves on the guidelines of the BSI (Federal Office for Information Security) in order to guarantee you the highest standards in information security.

Does writing strategies and guidelines for ISO27001 implementation involve a lot of work?

If you were to start with a blank sheet of paper, the effort would be immense indeed! We use a policy portal in Microsoft SharePoint which provides a first class document management system for all your ISO27001 policies and guidelines, which means a lot less work and of course we save time and resources too!

Which GRC tool do you use?

We have decided in favour of a partnership with AKARION GmbH. Their GRC tool is easy to implement and use, but that doesn’t mean it lacks features or functionality. After conducting due diligence and analysing all the major GRC providers, we chose AKARION – and we and our customers are very satisfied!

How long does it take to implement an ISMS management system in accordance with ISO27001?

Implementation takes around 6 months, depending on the complexity of your organisation and the availability of your resources. We support you throughout the entire process. Your organisation must then operate the management system for around 6 months. After this time, you can go through the certification process (via an external audit), which we will help you prepare for.

Secure your future

Protect your organisation with our reliable information security solutions. Our experts assess your needs, develop customised strategies and implement robust measures to protect your data and assets.

Become a part of our LinkedIn community!

We are experts in the implementation of ISMS in accordance with ISO27001 and are happy to share our expertise with you. Follow us on LinkedIn and stay up to date.