IT ADVISORY
Our IT consultants are at your side to ensure the security and integrity of your information systems. Rely on our expertise to identify potential risks, fulfil compliance requirements and strengthen your IT. With our expert knowledge, we support you in identifying, assessing and eliminating potential vulnerabilities and security gaps.
Security without compromise - put your trust in our IT consultants.
OUR IT ADVISORY SERVICES
CYBER SECURITY MANAGEMENT
With the increasing complexity and frequency of cyber attacks, it is of paramount importance for companies and organisations to develop effective security measures and strategies to protect their valuable data and resources. Our cyber security management encompasses a range of activities including risk assessment, planning, implementation and monitoring of security measures to detect, prevent and respond appropriately to potential threats. A proactive and holistic approach to cybersecurity management is essential to close security gaps and ensure the protection of your sensitive information.
We are happy to support you in this! Our consulting services include the following:
CYBER SECURITY CHECKS
Cyber attacks are also associated with a high risk because they are often not recognised by those affected or are only recognised at a later stage. According to surveys, over 70% of larger companies in Germany have already been affected by cyber attacks. The number, complexity and professionalism of attacks are constantly increasing. Due to its explosive nature, cyber security must be a top priority!
- KICK-OFF AND PLANNING
- RISK ASSESSMENT
- ON-SITE ASSESSMENT
- MANAGEMENT REPORT
PROJECT SUPPORT CONSULTANCY FOR THE IMPLEMENTATION OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)
With the increasing digitalisation of business processes, information security has become an indispensable part of corporate management. A well-founded and well-structured information security management system (ISMS) in accordance with recognised standards forms an appropriate basis for ensuring an efficient and effective security strategy.
- PLANNING
- IMPLEMENTATION
- OPERATION
- TESTING & MEASUREMENT
- FOLLOW-UP ASSESSMENT OF THE ISMS
PROJECT SUPPORT CONSULTANCY FOR THE IMPLEMENTATION OF VDA ISA REQUIREMENTS
Due to increasing networking and globalisation in the automotive industry, both internal and external risks are on the rise. In order to adequately counter the associated risks, companies must implement suitable protective measures. To this end, a comparable level of information security must be guaranteed for all parties involved in order to reduce the risks across the entire value chain. The German Association of the Automotive Industry (VDA) has established the Information Security Assessment (ISA) catalogue for this purpose. This standard is based on the ISO / IEC 27001 standard and applies to both automotive manufacturers and suppliers.
- PLANNING
- ASSESSMENT OF THE STATUS QUO
- TARGET/ACTUAL COMPARISON
- IMPLEMENTATION
- FOLLOW-UP ASSESSMENT
PERFORMANCE OF KRITIS AUDITS
In the course of the IT Security Act, precautionary measures for critical infrastructures have been increasingly defined. This means that every operator of critical infrastructure from a total of 10 sectors must prove every two years that appropriate technical and organizational measures (state of the art) have been taken and implemented in order to avoid the risk of disruptions to availability and information security.
To this end, suitable verification documents must be submitted to the Federal Office for Information Security (BSI) as part of a KRITIS audit. Our IT specialists have the relevant certifications to be able to carry out KRITIS audits.
- KICK-OFF AND PLANNING
- ON-SITE AUDIT
- COMPILATION OF THE RESULTS
- SUBMISSION OF THE RESULTS
- COMMUNICATION WITH KRITIS CONTACT POINT
IT INSIGHTS
With our "IT Insights" video series, we present practical measures to improve the level of cyber security in companies.
The videos offer insights and strategic approaches for navigating the complex world of cyberspace and protecting yourself appropriately. Each video combines expert knowledge with practical examples to provide concrete recommendations for action.
OUR GKK-CYBER-SECURITY LEVEL CONCEPT
PROCESS DIGITISATION AND AUTOMATION
DIGITALISATION AND AUTOMATION OF ACCOUNTING
Buzzwords such as "big data", "digitalisation" and "automation" are omnipresent in all specialist areas - regardless of the size of the company in question. Digitalisation has already brought about major changes and fundamentally altered existing core business processes and support functions, such as accounting. This trend will only intensify in the future. This makes it possible to realise significant efficiency gains in process workflows. Predominantly manual and monotonous activities can be reduced to a minimum through efficient process digitalisation and automation.
A purely technical changeover, for example through the introduction of new software, will not achieve the desired result for management. In addition to taking account of tax and commercial law requirements, it is also essential to involve the employees concerned. It is also necessary to scrutinise existing work processes and workflows and optimise them where necessary. If the critical success factors are not adequately considered, efficiency gains cannot be sufficiently realised.
IT DUE DILIGENCE
In the age of increasing digitalization, due diligence requires an examination of IT assets, IT systems, IT-enabled business processes, policies and procedures prior to a proposed transaction. Our IT due diligence provides a clear overview of the target company's IT capabilities, identifies and assesses material IT risk in the target company's technology and business functions.
BUILDING BLOCKS OF AN IT DUE DILIGENCE
- Identification of key risk (including potential deal breakers)
- Developing an understanding of the IT environment
- Identification of potential separation or integration challenges
- Significant enhancements and investments required during the transaction
- Identification of potential synergies and risks impacting the transaction
SCOPE OF OUR IT DUE DILIGENCE
Analysis of the target company's IT organisation
IT ORGANISATION & PROCESSES
Strategic orientation of IT, current cost structures and investment requirements
IT STRATEGY, PROJECTS & TASKS
Integration of IT applications into existing business processes
IT APPLICATIONS & SOFTWARE
Development and integration of IT infrastructure, determination of cyber security maturity level
IT INFRASTRUCTURE & CYBER SECURITY
ADDED VALUE AND BENEFITS | IT DUE DILIGENCE
... that result from the IT of the target company
Identification of opportunities and risks ...
Determination of the respective IT maturity level
... of ongoing IT costs and necessary investment requirements (including hardware, software, personnel)
Transparent presentation ...
of possible deal breakers in coordination with the identified risks from other work steps (financial DD, tax DD, commercial DD, etc.)
Timely and regular coordination ...
as part of the purchase price negotiation
