External IT Safety Administrator

Every company using information technology (IT) should appoint an IT safety administrator. The main task of the IT safety administrator is to advise the company management with regard to the IT safety and to support the latter when introducing and realizing new security processes, and to make the employees aware of IT safety, too. Besides the company’s own interest to grant the integrity, the confidentiality and the availability of all data, there are legal provisions in the context of information security that need to be obeyed by the management. The appointment of an IT safety administrator is part of the strategic aims of the management. The managing board is hence bound by the Corporate Sector Supervision and Transparency Act (KonTraG), to install a risk management system to recognize threats as soon as possible and to keep them away from the company. The managing board of a limited partnership (Ltd.) or the executive directors of a stock corporation are personally liable for the achievement of the strategic goals. Companies can prove their systematic action when securing their IT systems against threats of the IT security by using the ISO 27001 certificate, which is often expected by large companies in the context of placing an order. The appointment of an IT safety administrator has the advantage that you can rely on the expertise of an external specialist, who applies the measures regarding IT safety efficiently and appropriately. If a company might not appoint an IT safety administrator, it can be in danger of not protecting valuable business secrets appropriately against data loss and business espionage. Furthermore, when facing data loss, IT security gaffe or defect IT systems, there might be loss of orders, high contractual penalties, damage to the company’s public image as well as deterioration in credit terms (BASEL III).

We offer the following services:

  • Consultation on safety standards according to ISO
  • Definition and update of the IT security aims
  • Preparation of an IT management system and maintenance of an IT security concept
  • Performance of an IT structural analysis
  • Performance of a determination of demand regarding protection
  • Performance of technical and organizational measures
  • Performance of a basic security check
  • Performance of an additional security analysis
  • Consolidation of the measures
  • Documentation of the IT security measures and the access regulations
  • Analysis of IT security gaffes
  • Coordination of sensitization and training measures regarding IT security
  • Report of the IT safety administrator