Proof of appropriate standards in data protection is an important contribution for service providers and suppliers to expand existing market segments and gain access to market segments and customers that have not yet been opened. Access to customers in the automotive industry, the electrical industry, mechanical engineering, the pharmaceutical industry, the food industry or other industries will require regular certification in the areas of IT security ISO 27001, quality management ISO 9001 or data protection ISO 27701 in the future. These certifications are the door openers to many industries and very few companies, organizations and institutions will be able to avoid this topic in the future. Certifications in the areas mentioned are indispensable if you want to position yourself for the future. So there is certainly a need for action here and you should regularly include these topics in your strategy for your company, organization or institution.
Attorney Thomas Costard is a certified data protection officer (TÜV), data protection manager (TÜV) and data protection auditor (TÜV) and ISO 27001/BSI basic protection expert (TÜV). We also check the agenda of an upcoming data protection audit by the selected certification body, e.g. TÜV, DEKRA, etc. We accompany the audit and support to pass the audit and to receive the certificate.
Our firm offers to conduct an as-is assessment of data protection and to prepare a data protection audit. We conduct a pre-audit in preparation for the audit by the certification body. Here we put on the “glasses” of the auditor. If the auditor identifies minor deviations and recommendations during the audit, we support you in implementing them and closing gaps. We accompany you during the execution of surveillance audits and re-certification audits.
Furthermore, we conduct audits of processors on behalf of our clients and prepare the required audit report, which reflects the status of the data protection measures at the auditee.
The services of our law firm include in particular: