Sie sind hier: operational services > Kunden-Bereich / Customer Area > Supplier Integration VW/Audi via CSN Access (EN)
Consulting Services for Information Security
The Value of Information
Information is business value, the basis for any company must be protected appropriately. This also includes each of the supporting processes, systems and networks as well as the individuals involved.
Regardless of whether it is information of a client, a customer or internally produced knowledge, when confidential information was published, urgently required information was not available anymore or integrity of reliable information was affected, damage would occur.
Checks on Information Security
operational services supports customers and partners to review their information security level. This includes a neutral analysis of the current situation.
In order to check a variety of customers and to keep the result comparable operational services uses a standardized procedure. The assessment method refers to the ISO/IEC 27001 standard and possibly - depending on the customer - to VDA standards.
According to your business segment which has to be valued we examine the business processes for you with the particular relevant subset of questions. Basically, a self-assessment based on a questionnaire is offered.
The self-assessment is the basis for the evaluation and the basis for a possibly subsequent on-site assessment. Together with you we can develop an action plan to support you in order to achieve the security level requested by the Volkswagen Group and to be prepared for an ISO 27001 audit.
Additionally to this standard-oriented procedure OS offers deeper information security analysis to develop targeted and customized measures together with you to enhance information security of your company.
Consulting on Information Security
Actual consulting takes place at the location of the partner company. Pre- and postprocessing can be performed at the location of OS.
The analysis covers the topics of the ISO 27001ff., among other things:
- Assessment of the infrastructural security (but not a complete analysis of basic protection according to the German Federal Office for Information Security - BSI)
- Access protection
- Visual protection and other protective measures regarding prototype protection
- IT infrastructure (e.g. server rooms)
- Backup strategy
- Network topology, remote access, WLAN
- Virus protection
- Disposal / destruction (IT, documents, components)
- Failure safety
- Disaster recovery plans
- Documentation of information security
- Awareness-raising and training of the staff
The topics are selected depending on the objective of the consulting.
As a result the partner company receives a report that includes:
- Assessment of the current status (strengths and weaknesses)
- Proposals concerning measures for improvement
Thereout even more activities can be deducted, e.g. support by OS when creating concepts or planning and evaluating measures.
- The results serve as a preparation towards an ISO 27001 certification or as precondition for a business partnership, e.g. with the VOLKSWAGEN Group.
- A previously performed self-assessment can reduce expenses in case your answers turn out that on-site assessment is not necessary.
- After the definition of measures you can prepare effectively and efficiently to meet the requirements of ISO 27001 or the requirements of a business partner.
For more information on this and all further questions our Service Support Center is at your disposal.
|Service Support Center|
|Phone (national):||0800 5 877 877|
|Phone (international):||+49 375 3542 8978|
+49 391 580130760