Information Security Management serves to sustainably improve cyber security at a technical and organizational level and is an important component of cyber compliance. In particular, the topic of risk management and the measures to be derived from it are the focus of numerous standards and norms such as NIS2 or DORA. InfoSec-as-a-Service ensures that information security management is operated on the basis of the international ISO27001 standard. If required, an external CISO (Chief Information Security Officer) is also deployed and a digital platform is provided as the basis for CyRiSo’s service provision.
Information Security aaS
Your Benefits
The Standards
ISO27001, ISO27002, ISO27005, DIN 27076, TISAX, NIS2
The Results
Sustainable information security management to increase the level of technical and organizational maturity and compliance with standards and norms.
InfoSec aaS Packages
InfoSec-as-a-Service is offered in three service packages (individually customizable):
INFOSEC aaS BASIC
- Status monitoring of technical and organizational security controls
- Monitoring of ISO27001 / DIN27076 for conformity to the standard (methodical)
- Participation in status meetings
- Review of the risk management process and risk analyses
INFOSEC aaS STANDARD
- All activities of INFOSEC aaS BASIC
- In addition:
- Update of the policy framework
- InfoSec reporting
- Evaluation of the effectiveness of the security controls set
- Definition and monitoring of compliance with security objectives
- Performance of risk assessments
INFOSEC aaS PRO
- All activities of INFOSEC aaS BASIC and STANDARD
- Additionally:
- External CISO role
- Management of the InfoSec framework and methods for ISO27001 and/or DIN 27076 (for very small companies)
- Ensuring compliance with the certification maturity level
- Participation in management reviews and audits
No suitable service package? We are standardized in our services, but flexible in the composition of the packages.