Modular process model
We have designed our process model for ISi consultations as modular phases. Each phase builds on the preceding one, although we can also provide support in individual phases alone.
Phase 1 Gap analysis
As the first step, it is generally advisable to carry out a gap analysis in a joint workshop. This is a neutral analysis of the current situation in your company.
Based on the assessment of documents and interviews, you can find out your current status and which tasks should be completed to reach your targets. Our consultants then derive the necessary improvements and evaluate the outlay required to implement them.
When carrying out the gap analysis, the results of a pre-audit on information security, or a previously completed TISAX® assessment with the corresponding findings, may also be considered.
Phase 2 Implementation
The content and scope of the implementation phase are defined based on the results from Phase 1 and your objectives. When doing so, we draw up a measures catalog together with you, which will help you in the preparations for meeting your objectives.
It is then time to implement the defined measures. These services are offered by OS, but at least some of them can also be carried out by your company. The exact assignment of tasks is defined at the beginning of this phase.
Phase 3 Support
Our consultants optimally prepare your company for the certification audit or TISAX® assessment, using tried-and-tested audit checklists.
Before, during, and after certification or the assessment, our consultants stand ready to provide support immediately should your employees require help or if additional improvement measures are identified.
We assist your company right up to certification maturity.
Phase 4 Further assistance
The OS specialist consultants can, if required, provisionally carry out tasks and processes on your behalf, even if this is the responsibility of the client:
- Externally appointed information security officer
- Externally appointed data privacy officer
- External support for internal audits or reviews
TISAX® is a registered trademark of the ENX Association.