Consulting topics

How I help

01
ISMS to ISO 27001
Building or developing an information security management system. From gap analysis through implementation to certification preparation.
  • Scope definition
  • Risk assessment and treatment
  • Policies, processes and documentation
  • Certification audit preparation
02
BSI IT Baseline Protection
Structural analysis, protection requirements assessment and modelling following the BSI IT baseline protection methodology. For businesses and public authorities.
  • Structural analysis and IT network
  • Protection requirements assessment
  • Baseline check and risk analysis
  • Implementation planning and measure execution
03
Incident Response
Planning and building processes for an emergency. So your team knows what to do – before an attack happens, not after.
  • Developing an incident response plan
  • Defining roles and responsibilities
  • Communication plans and reporting obligations
  • Tabletop exercises and crisis training
04
Security Concepts
Tailored security concepts for specific needs: access controls, privacy by design, supplier security or cloud strategy.
  • Zero-trust strategies and IAM concepts
  • Privacy by Design
  • Supply chain security and supplier audits
  • Cloud security architecture
Standards expertise

Standards I work to

ISO 27001
International ISMS standard
The globally recognised standard for information security management systems.
BSI-GS
IT Baseline Protection
The methodology of the German Federal Office for Information Security for businesses and authorities.
NIS2
EU Cybersecurity Directive
Requirements of EU Directive 2022/2555 for essential and important entities.
GDPR
General Data Protection Regulation
Technical and organisational measures in accordance with European data protection requirements.
NIST
NIST Cybersecurity Framework
The US framework as a complement for internationally oriented organisations.
OWASP
Web Application Security
Security standards for web applications and APIs following OWASP methodology.

Security that fits you.

I don't develop a generic concept – I develop one that fits your company size, your industry and your resources.
