isecm.net

It is not a question of whether an attack will take place, but when.

Your partners for information security

We guide you through the complex requirements of ISO 27001, EnWG and NIS2 - with a clear system, tried-and-tested templates and personalised support. The result is an information security management system (ISMS) that is not only certifiable, but also works in practice.

What is an ISMS?

An ISMS is a management system that consists of a framework of well-defined processes, procedures and management practices used to systematically manage an organisation’s sensitive data and assets.

Definition
ISMS = Information Security Management System

Our services for your IT security and compliance

TISAX®

We successfully guide your company through the TISAX® certification process and ensure that you fulfil the highest information security standards in the automotive industry.

Risk management

We identify and assess IT risks and develop practical measures to protect your company in the long term.

Managed Services

Concentrate on your core business – we take over the operation, monitoring and management of your IT security processes.

DORA (Digital Operational Resilience Act)

We support you in fulfilling the requirements of DORA and strengthening your digital resilience in the financial sector in the long term.

ISO 27001

We guide you through the entire process of implementing and certifying an information security management system (ISMS) in accordance with ISO 27001.

Staff-Leasing

Our experienced specialists provide you with flexible support as external information security officers (ISB) or project managers.

Audits

Whether internal audits for ISO 27001, TISAX® or NIS2, or support for external customer audits, certification/control audits, etc., we audit your IT security systematically and practically.

NIS2

Benefit from our expertise in implementing the NIS2 directive: from the initial analysis to implementation and testing.

Our Mission

As ISO/IEC 27001 experts, we at ISecM not only provide you with information security management tools, processes and procedures, but also ensure that they integrate seamlessly into your day-to-day business. In most cases, you won’t even realise they exist.


In addition, we customise our managed services solution to your organisation to make the day-to-day operation of your information security management system easier. This allows you to focus on what you do best and we take care of the rest. Because our goal is to provide you with solutions that give you peace of mind.

What our customers say.

As an active member of the German Wind Energy Association (Bundesverband WindEnergie e.V.), we know the requirements and challenges of the industry inside out – and are helping to shape the secure future of wind energy.

Our promise for a smooth implementation of ISO27001:2022

Trust

We have many years of experience; we will do the right thing and have your interests at heart. It means behaving consistently and in a manner in which you feel confident in our actions.

Learning

We are a learning organisation; we hunt for new and better ways to solve problems; we are active listeners, which helps us to better understand and learn about your day-to-day needs.

Integrity

For ISecM, integrity means we value transparency and honesty; we are dedicated to doing what is best for our customers.

Quality

Quality comes first. Our tools, approaches and processes have built-in quality: we prioritise dependability, and it is important for us to deliver high levels of service and performance.

Interesting metrics and facts

ISecM is a young company with a big heart, founded by two partners: Holger Schrader and Robert Ritchie.
Together, we have an invaluable amount of interdisciplinary industry experience – that’s why our approaches and solutions are so innovative and unique!

Our customers

Banks, finance, critical infrastructure

30+

Years of experience

100%

Customer satisfaction

FAQ for ISO27001:2022 implementation

What is your ISO27001 implementation concept based on?

As accredited PECB ISO/IEC 27001 Lead Implementors, our senior consultants have the necessary expertise to support you in the implementation of information security management systems. ISecM’s approach is based on the PECB implementation process, which we have expanded into an easy-to-understand implementation plan based on our experience. In addition, for KRITIS (critical infrastructures) we follow the guidelines of the BSI (Federal Office for Information Security) in order to guarantee you the highest standards in information security.

Does writing strategies and guidelines for ISO27001 implementation involve a lot of work?

If you were to start with a blank sheet of paper, the effort would be immense indeed! We use a policy portal in Microsoft SharePoint, which provides a first-class document management system for all your ISO27001 policies and guidelines. That means a lot less work, and of course we save time and resources too!

Which GRC tool do you use?

We have decided in favour of a partnership with AKARION GmbH. Their GRC tool is easy to implement and use, but that doesn’t mean it lacks features or functionality. After conducting due diligence and analysing all the major GRC providers, we chose AKARION – and we and our customers are very satisfied!

How long does it take to implement an ISMS in accordance with ISO27001?

Implementation takes around 6 months, depending on the complexity of your organisation and the availability of your resources. We support you throughout the entire process. Your organisation must then operate the management system for around 6 months. After this time, you can go through the certification process (via an external audit), which we will help you prepare for.

ISO 27001

Secure your future

Protect your organisation with our reliable information security solutions. Our experts assess your needs, develop customised strategies and implement robust measures to protect your data and assets.

Become a part of our LinkedIn community!

We are experts in the implementation of ISMS in accordance with ISO27001 and are happy to share our expertise with you. Follow us on LinkedIn and stay up to date.