Information Security Management System (ISMS)

  • Comprehensive consideration of information security processes
  • Maturity assessment of your cyber security processes 
  • Development of an individual roadmap for increasing the maturity level 
  • Support for ISMS implementation with project and change management

Information is the basis of business

Customers demand proof from their business partners that they have established an industry standard with regard to information security in the company. This also includes the implementation of the existing legal requirements (NISG / KRITIS Regulation). 

Due to the increasing complexity in the IT environment, companies need a solid process basis (also and especially in information security). This foundation enables the change from a reactive to a proactive management role.

Our services

ISMS Scoping

Together with you, we determine the scope for setting up a certifiable ISMS for your organisation and the operation of your process IT. External and internal framework conditions as well as the security level of your company play a central role.

ISMS Implementation

We support you in the development, documentation, introduction and anchoring of an ISMS in the selected scope, taking into account the relevant standards (ISO/IEC 27002:2013 and ISO/IEC 27799:2016).

ISMS Auditing

For the proof of a successful implementation, we accompany you in the preparation of the internal and external auditing of the ISMS. The goal is to successfully prove that information security in your company follows the usual industry standard.

What defines us

All facets in view

We have always combined in-depth technological know-how with our expertise in processes and business requirements. With our approach, our clients benefit from high security standards without negatively impacting the user experience.

Award-winning Microsoft Partner

As a multiple award-winning Microsoft Partner, including in the area of security, and with over 100 certified employees, we ensure that solutions such as Microsoft Azure AD or Microsoft 365 offer our customers the best possible protection.

Proven experts

Our own consultants are certified in many security areas - whether as ISO 27001 Lead Implementers (PECB), in Microsoft security topics or as data protection experts. We have everyone on board who can meet your different requirements.

Our Cyber Security services

Zero Trust Architecture

We offer Zero Trust Envisioning Workshops to create an understanding. We take over the development of an individual Zero Trust strategy and implement this Zero Trust strategy and roadmap together with the client.

Data Protection & Compliance

Whether in the cloud or specific Microsoft environment: we identify areas of action, derive measures, ensure compliance (DSGVO, works council) and support the creation of necessary documentation.

Identity & Access Management with Microsoft 365

Secure identities are the first step into the cloud. Whether zero trust, single sign-on or governance processes - we design, implement and optimise solutions based on the latest Microsoft technologies such as Azure AD.

Threat Protection with Microsoft 365

We design and implement threat protection strategies. The technological basis is formed by Microsoft 365 technologies such as Microsoft Defender for Endpoint, Defender for Office, Defender for Identity and Microsoft Defender for Cloud.

Cyber Security Awareness

We plan and execute automated phishing campaigns, take care of sustainable change management to strengthen cyber security awareness and ensure the training and sensitisation of employees on the topic of data protection.

Let us talk about your project

Your personal contact
Ruth Subjetzki

Ruth Subjetzki

Project Inquiries & Account Management

+49 69 97 78 83 - 633

* Mandatory fields

+49 69 97 78 83 - 0
contact(at)campana-schott(dot)com