IT Security Standards & Compliance
Expertise in leading security standards and regulatory requirements. From NIS2 and KRITIS to ISO 27001 – we get you safely to compliance.
NIS2
EU cybersecurity directive
The NIS2 Directive significantly expands the range of affected organisations. In force since 6. Dezember 2025, many organisations must implement comprehensive cybersecurity measures and demonstrate them on an ongoing basis.
Your benefits
- Legally sound compliance without delay
- Avoidance of heavy penalties (up to €10 million or 2% of revenue)
- Improved cyber resilience
Our services
Comprehensive support with implementation
- 1 NIS2 gap analysis and applicability assessment
- 2 Risk management and security measures
- 3 Supply chain security
- 4 Incident response and reporting obligations (24h)
- 5 Governance and management responsibility
- 6 Documentation and evidence
KRITIS
Critical infrastructures
Operators of critical infrastructures are subject to special obligations to protect their IT systems. We support you in meeting all KRITIS requirements.
Your benefits
- Legally sound compliance
- Protection of critical supply
- Avoidance of fines
Our services
Comprehensive support with implementation
- 1 KRITIS identification and threshold determination
- 2 Implementation of the IT Security Act (IT-SiG)
- 3 BSI reporting obligations and incident response
- 4 Industry-specific security standards (B3S)
- 5 Organisational and technical measures
- 6 Two-year audits and evidence
IT-Grundschutz
BSI methodology
The BSI IT-Grundschutz is the leading methodology for information security in Germany. It is the standard especially in the public sector and for KRITIS operators.
Your benefits
- Proven methodology with high acceptance
- Can be combined with ISO 27001
- Suitable for public-sector clients
Our services
Comprehensive support with implementation
- 1 IT-Grundschutz analysis and modelling
- 2 Basic protection and core protection
- 3 Standard and IT-Grundschutz check
- 4 Implementation of the IT-Grundschutz modules
- 5 Risk analysis for high protection needs
- 6 ISO 27001 based on IT-Grundschutz
Grundschutz++
Modern compliance management
Grundschutz++ is our modern compliance management system that takes BSI IT-Grundschutz further. 998 requirements across 20 thematic practices, interactive migration support from the 2023 Compendium and a powerful explorer for structured security analysis.
Your benefits
- More modern, practice-oriented structure than the Compendium
- Seamless migration from existing IT-Grundschutz
- Full data sovereignty through self-hosting
Our services
Comprehensive support with implementation
- 1 998 requirements across 20 thematic practices
- 2 Interactive migration path from the BSI Compendium 2023
- 3 7-dimensional explorer with statistics dashboard
- 4 Thematic cross-reference to 111 BSI modules
- 5 Multi-tenant compliance checks with document management
- 6 Self-hosted with automatic BSI data sync
ISO 27001
International ISMS standard
ISO/IEC 27001 is the world's leading standard for information security management systems (ISMS). Certification demonstrates systematic information security and builds trust with clients and partners.
Your benefits
- Internationally recognised certification
- Competitive advantage and trust building
- Systematic risk management
Our services
Comprehensive support with implementation
- 1 ISMS setup to ISO/IEC 27001:2022
- 2 Gap analysis and roadmap development
- 3 Risk assessment and treatment
- 4 Implementation of Annex A controls
- 5 Internal audits and management review
- 6 Preparation for certification
Which standard is right for you?
The right standard depends on your industry, size and regulatory requirements. We are happy to advise you with no obligation.
Arrange a free initial consultationReady for stronger security?
Let us develop your IT security strategy together. Free initial consultation and a no-obligation introductory call.