


Information security team



Trigonum Consulting - Your consulting for information security in Hamburg
Trigonum Consulting is the specialist from Hamburg for concepts around information security topics. We create security concepts for you for the systematic and long-term development of security structures. These are tailored precisely to the practical conditions in your company. You receive tool-supported methods to continuously monitor the conditions of your information security and to point out the need for action.
Nowadays, security is assigned a central role. Not only because company managers are personally responsible for security or the problem of white-collar crime due to data theft is growing, but also because the critical business processes and thus the market business live in enormous dependence on a highly available and secure IT infrastructure. However, IT security is much more than firewalls and virus programs. It includes above all organizational, infrastructural and personnel aspects that should be considered in a security concept.



Information security team



Trigonum Consulting - Your consulting for information security in Hamburg
Trigonum Consulting is the specialist from Hamburg for concepts around information security topics. We create security concepts for you for the systematic and long-term development of security structures. These are tailored precisely to the practical conditions in your company. You receive tool-supported methods to continuously monitor the conditions of your information security and to point out the need for action.
Nowadays, security is assigned a central role. Not only because company managers are personally responsible for security or the problem of white-collar crime due to data theft is growing, but also because the critical business processes and thus the market business live in enormous dependence on a highly available and secure IT infrastructure. However, IT security is much more than firewalls and virus programs. It includes above all organizational, infrastructural and personnel aspects that should be considered in a security concept.


Our services
The creation of a security concept is the first implementation step of the security directive within the framework of the Information Security Management System (ISMS). At your request, we will create an individual IT security concept for you that meets the needs of your company and in which all legal requirements are taken into account.
Risks are not a product of modern times. They have existed since humans can think. The only thing that has changed is how we deal with them. Nowadays a risk analysis can be carried out in different ways and thus be better understood. As a result, risks can be avoided, mitigated, transferred or accepted.
OEMs, e.g. the Volkswagen Group, have begun to check the status of the Information Security Management System (ISMS) at important suppliers. External companies carry out audits using VDA/TISAX assessment questionnaires. The focus here is in particular on prototype protection, the IT infrastructure and the relevant applications used in the development process.
If the basic requirements of the VDA/TISAX Information Security Assessment are not met, in most cases the OEM’s suppliers lose existing orders or are no longer considered for future inquiries. This can lead to sales losses in the millions or threaten the existence of the company.
With the help of our Quick Check Consulting you will gain clarity about the level of your information security in your company and avoid risks associated with high financial losses. We have developed a Quick Check for information security especially for you to make potential risks transparent. You will very quickly get an overview of the risks regarding availability, integrity, confidentiality and authenticity of your business process supporting IT systems.
The introduction and maintenance of defined safety targets must be continuously monitored and promoted. Due to a lack of resources, companies are often unable to meet these obligations sufficiently and thus take legal and financial risks. An external security officer is responsible for fulfilling the information security management tasks in your company.
The legislator obliges the operators of critical infrastructures to adequately secure their IT according to the state of the art and to meet the IT security standards. The IT Security Act passed in 2015 requires operators of critical infrastructures to review security every two years. The Federal Office for Security and Information Technology (BSI) must also be notified by KRITIS operators of all significant incidents in the area of IT security.
More and more customers are demanding concrete proof from their suppliers that an efficient information security management system has been established. The German Association of the Automotive Industry (VDA), for example, recommends its members to set up an information security management system in accordance with ISO 27001. Further keywords are Basel II, KontraG and Sarbanes Oxley Act for US listed companies as well as the introduction of comparable European guidelines.
Nowadays it is necessary to react more quickly to the changing business environment than in the past. The pressure on companies to be accessible at all times and to make infrastructures scalable and economical in order to be able to access data, systems and applications from anywhere in the world is growing ever stronger. Cloud computing is a topic that is becoming increasingly important in this context. It enables constant access to projects and company data and ensures geographical and physical independence.


Audits
In the area of information security and data protection management, there are different types of audits. We can support you from a single source in the area of auditing. We carry out first party audits (internal audits) and second party audits (supplier audits) for you. Within the scope of cooperation with certification companies, we can also carry out third-party audits as external auditors.