


TOM Check



TOM Check - Review of your technical organisational measures
Companies that collect, process or use personal data are obliged to take technical and organisational measures (TOM) to ensure that data processing meets the requirements of the DSGVO.
In doing so, measures must be taken from the various areas, provided that their expenditure is in reasonable proportion to the intended purpose of protection: (see figure)
Benefit from our experience



As experienced ISO 27001 auditors we support your company. First a status analysis is carried out to check your technical and organisational measures (TOM). Here we check the internal measures taken to protect the data. A further aspect is the verification of the security level of your service providers.
For this purpose, we have developed a TOM Check based on the information of the DSGVO, ISO 27001 and TISAX.
Convince yourself today of the effectiveness of your technical and organisational measures and protect the data of your customers, employees and suppliers.



TOM Check



TOM Check - Review of your technical organisational measures
Companies that collect, process or use personal data are obliged to take technical and organisational measures (TOM) to ensure that data processing meets the requirements of the DSGVO. In doing so, measures must be taken from the various areas, provided that their expenditure is in reasonable proportion to the intended purpose of protection: (see figure)



Benefit from our experience
As experienced ISO 27001 auditors we support your company. First a status analysis is carried out to check your technical and organisational measures (TOM). Here we check the internal measures taken to protect the data. A further aspect is the verification of the security level of your service providers.
For this purpose, we have developed a TOM Check based on the information of the DSGVO, ISO 27001 and TISAX.
Convince yourself today of the effectiveness of your technical and organisational measures and protect the data of your customers, employees and suppliers.


Related Services
With the help of the data privacy check, our external data privacy officer will give you an overview of whether your company complies with the legal provisions on data protection and if there is a need for action. We will provide you with a practical guide for the further implementation of data privacy tasks.
The data privacy documentation provides the framework for the concepts and processes to be implemented. It is divided into three levels: “guidelines”, “concepts” and “implementation documents”. Thus the legal documentation requirements can be covered. In addition, employees find orientation here with regard to data privacy requirements and regulations in their company.
Today, external service providers are increasingly used for the performance of tasks. In many cases, this means data transfer to third parties and represents a particular challenge from the point of view of data privacy. In order to find a pragmatic solution, the legislator has defined contract processing (AV), whereby the external service provider can be handled like an internal department of the company.