King of the Audits

27001

Whitepaper

  • The European Union (EU) encourages businesses to strengthen their information security and resilience through regulations such as the Network and Information Security 2 (NIS2) Directive, the Critical Entities Resilience (CER) Directive, and the Digital Operational Resilience Act (DORA), with a particular focus on companies in critical infrastructures (CRITIS).
  • German financial market participants are subject to dual regulatory standards under NIS2 and DORA if they also operate critical infrastructure facilities.
  • Companies must address recurring security requirements from ever-emerging regulations and continuously demonstrate compliance.
  • Information security and resilience must be organised as part of a management system.
  • With an information security management system (ISMS) in accordance with the ISO standard 27001, companies achieve legal agility and, if desired, certified security maturity.
  • The development of an ISMS should be managed as a project in smaller organisations, or as a program in larger organisations.
  • This white paper presents a certificate-proven process model for setting up and operating an ISMS.

Contacts

Dr. Waldemar Grudzien
Managing Director

Nadine Hofmann
Director

 
