
Information Security

The Protection of Information is becoming increasingly important

Information security is now critical for any business.

The big challenge is to bring all of your company's security policies, standards, processes and controls fully into line with the requirements for confidentiality, integrity, availability, transparency, etc. of the company data. In addition, all this must be brought into line with legal requirements and instructions from supervisory authorities. This is a recurring, complex and business-critical undertaking.

Challenge

Information security is a comprehensive and central topic that must be given top priority in all areas and processes of a company. Gaps in information security, but also in the established Information Security Management System (ISMS), pose many risks, such as

  • direct or indirect financial loss
  • legal impact on companies, employees, customers and partners
  • loss of reputation, credibility or competitive advantage
  • extortion and industrial espionage by e.g. organised crime
  • disclosure of confidential, sensitive or embarrassing information
  • sabotage

Ensuring information security is based on “CIA” (Confidentiality, Integrity and Availability) on the one hand, but also on other aspects of the OECD guidelines on “Data Lifecycle”, the principles of the VDU and the GDPR.

A whole series of governance frameworks such as COBIT 5, ISO/IEC 2700 / 38500 / 20000, ITIL, ISM3 – to name but a few – play an important role here.

The challenges are therefore broad and substantial. Many companies are not able to manage all aspects of all subject areas themselves in order to proactively counter threats and risks.

Solution Approach

As experts in information security and IT security, we support our customers in all aspects. Our portfolio ranges from professional consulting to security assessments and security audits to the preparation and execution of awareness trainings. In order to be able to do so, the expertise of our employees is always up-to-date. The methodology required to achieve the goals in the execution of an information security mandate or order is always defined specifically by the requirements described by the customer and the defined task. For example, the procedure for one of our assignments for an assessment of IT infrastructure components on the topic of “security and vulnerability management” was as follows:

Security & Vulnerability Management

… that for an IT security audit on the “security of an SME infrastructure” was defined as follows:

Audit Method

… the results of an examination can be presented in detail in the report, for example as an overview graphic according to NIST, covering the examination, results and measures.

Secure Profile

Customer Benefits

Thanks to our practice-oriented and customer-specific approach, you get lean, efficient, individually adapted, comprehensible and targeted work results, e.g.

  • a Pre Audit Report for an upcoming IS audit
  • specific assessment or overall assessment of your established information protection measures
  • determination of your ISMS and processes
  • well-founded second opinions on specific topics of information protection
  • flexible external personnel solutions to support your daily IS tasks, such as analyses or project management for IS projects

To help you focus better on your core business and business processes, we are happy to support you in the areas of information security and IT security. We guarantee to operate according to the latest “Information Security Standards and Frameworks”. You save resources and expensive know-how development.

Hansjörg Stibi

Hansjörg Stibi combines very good analytical skills with the business management know-how needed to coordinate project tasks in the IT area with the entire operating environment.

His many years of experience in various disciplines of data protection and IT services, especially in the banking environment, insurance, public administration and industry sectors, ensure a high level of professional security and continuity.

Various internationally recognized certifications in IT specialties, IT security and project management underline this.


Book an Expert Talk.

Would you like to learn more about information security or one of our other core areas? Book an expert meeting with Hansjörg Stibi or one of our other experts now.
