IT and Security Analyses (On-Site & Document Reviews – not certifications)

Our IT and security visual inspections serve to independently determine the visible condition of IT-relevant areas, as well as to objectively review selected documents and evidence in the context of technical and organizational security measures. The activities include purely descriptive assessments of the current state of existing structures, processes, and documentation, without evaluating any management system and without providing consulting elements.

Among other things, we request:

• Visual inspection of the IT infrastructure for identifiable security-relevant irregularities (e.g., access paths, device condition, labeling)
• Document-based review for the existence and completeness of selected security documents (e.g., policies, inventory lists, logs)
• Verification of visible organizational IT security measures (e.g., clean-desk requirements, on-site access controls)
• Examination of labels, role or permission lists for structural plausibility (without system analysis)
• Determination of whether certain security-relevant requirements are traceably addressed in documents (without effectiveness assessment)

Note: No ISO/IEC 27001 certifications are performed, and no legally binding statements regarding compliance with the GDPR or NIS2 are made.

Our dedicated team is available at any time for a free personal informational meeting and answer any questions you may have.