IT Security

Compliance with IT security standards is an essential aspect of ensuring data protection in the company. A breach of these requirements that results in unauthorized disclosure of personal data requires notification to the supervisory authority within 72 hours.

Together with you, we develop strategies to prevent this from happening. We are also your partner when it comes to implementing appropriate processes to ensure IT security in the company.

Our IT security consulting is based on recognized criteria. Experts from DPA Drewes Privacy Advice have the corresponding certification from the German Federal Office for Information Security (BSI).

We show you which IT security requirements your company must fulfill according to the GDPR. After taking stock of the situation, we can determine the relevant protection levels and discuss with you what measures need to be taken according to the state of the art. On this basis, we develop an appropriate IT security concept for you.

Under the GDPR, companies must implement a process whereby IT security measures are regularly monitored. Here we support companies and carry out such IT security audits at the company itself, but also at the service providers commissioned by companies. We check whether the company complies with the requirements of Art. 32 of the GDPR, prepare a corresponding audit report and make recommendations as to which measures need to be taken.

Compliance with documentation requirements is an important part of the IT security process. Numerous regulations require comprehensive documentation of existing IT security measures. Not only the IT security policy, but also higher-level documents such as the emergency preparedness concept or specialist concepts for the firewall must be available in the company. We are happy to assist in the preparation of these documents.

Employee awareness is a very important aspect in preventing IT security breaches. Predominantly, IT security breaches take place due to negligence or simply ignorance. Therefore, instruction in the area of IT security is a very essential aspect of avoiding a breach of IT security standards.