• Building the security strategy (strategic & operative security)
• Building core processes for security/IT security
• Consulting on building an ISMS in accordance with NIS2, ISO 27001, ENX TISAX®, ZAIT/EBA, US NIST, ISIS12
• Consulting on ISO 27001:2022, ISO 27002:2022 with ICS/OT requirements (such as KAS 51)
• Building core processes for security in ICS/OT (NIST, IEC 62443, VDI/VDE 2182)
• Threat assessment (using OSINT), information space and status report
• Risk management and processes (top-down & bottom-up)
• Security incident and crisis management
• Operational investigations and processes
• GAP/situation assessments of existing security architecture compared to standards
• Development of guided and controlled security documentation
• Internal assessments and supplier assessments for corporate security, IT security & ICS/OT
• Check/test certification as Lead Auditor under ISO 27001:2022 and TISAX®
• Preparation for audits under Section 8a of the BSI Act