Unterschied zwischen TISAX und ISO27001 - ISMS

Difference between TISAX® and ISO 27001

Information security in the company is becoming increasingly important. In this context, the establishment and maintenance of an information security management system, ISMS for short, is of central importance. In order to successfully master this project, TISAX® and ISO 27001 are often referred to. This blog article will therefore highlight the difference between TISAX® and ISO 27001.

Read more

4 Schritte zur ganzheitlichen IT- und Informationssicherheit - IT-Sicherheit - Informationssicherheit - ISB - Informationssicherheitsbeauftragter - ISMS - Assesments - TISAX

4 steps to holistic IT and information security

Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.

Read more

ISMS einfach erklärt - IT-Sicherheit - IT-Security - Informationssicherheit - ISB - Informationssicherheitsmanagementsoftware - ISMS - Riskikofaktoren - Risikoidentifizierung - Risikoabschöpfung - Assets

ISMS – simply explained Part 2: Risk management as an essential part of the ISMS

In our blog article “ISMS – simply explained, Part 1: The importance of an ISMS for your company,” we have already described what you have to look out for when introducing an ISMS. In this blog article we introduce you to risk management as an essential component for the successful introduction of an ISMS. The task of risk management is to determine the company risks and to disclose their possible effects on your company and to treat them accordingly.

Read more

Was macht ein ISB? - Informationssicherheitsbeauftragter - ISB - Informationssicherheit - Datenschutz - DSGVO

Tasks of the information security officer (ISO)

In order to successfully implement an information security management system (ISMS) in a company, every company needs an information security officer (ISB). In this article we show you the extensive tasks of the ISB.

Read more

VDA-ISA für TISAX Version 5 - IT-Sicherheit - Informationssicherheit - Neuer Patch - Neue Version - Version 5 VDA ISA - Version 5 TISAX

VDA-ISA for TISAX® certifications: Publication of the new version 5

On August 4th, 2020 the Association of the Automotive Industry published a new version of the Information Security Assessment for TISAX® certifications. The current version 5.0 of the VDA-ISA catalog brings with it a new structure and fundamental changes in the structure of the modules. Find out more about the changes and the validity of the new requirements in our blog article.

Read more

ISMS einfach erklärt - IT-Sicherheit - IT-Security - Informationssicherheit - ISB - Informationssicherheitsmanagementsoftware - ISMS - Riskikofaktoren - Risikoidentifizierung - Risikoabschöpfung - Assets

ISMS – simply explained Part 1: The importance of an ISMS for your company

More and more companies are striving to improve information security in their own company. To meet this challenge, organizations rely on the establishment of an information security management system, or ISMS for short. In order for such a project to be implemented successfully, various aspects must be taken into account before the introduction, which the responsible persons must be made aware of. Find out more about the importance of an ISMS for your company in this blog article and our YouTube video.

Read more

TISAX® – simply explained: Assessment Levels

In the case of TISAX® assessment levels, the question arises again and again which of these are there and what impact they can have on a TISAX® project. Assessment levels are used to determine the depth of your final TISAX® audit, which is carried out by an external audit service provider. However, the type of […]

TISAX® – simply explained: assessment objectives and labels

Although there is still no general requirement for TISAX® certification, it is required by more and more automobile manufacturers. In order not to endanger the partnership, certification is then inevitable at the latest. Satisfying the complex requirements remains a challenge for many companies.

In our video series “TISAX® – simply explained”, we clarify the most frequently asked questions that we are asked again and again in practice. Our part 2 deals with test targets and labels.

Read more

TISAX ® – simply explained: You should know that

Many automobile manufacturers often develop their products in cooperation with supplier companies. In 2017, the Association of the Automotive Industry (VDA) developed the TISAX ® test and exchange mechanism to ensure secure processing and a trustworthy exchange of information between these companies. With TISAX®, a certification for information security in the company is created for automotive suppliers, which is specifically aimed at the needs of the automotive industry. The implementation of a TISAX® project is a complex challenge. With TÜV-certified TISAX® consultants from aigner business solutions GmbH, however, we support you efficiently and effectively in order to obtain the desired certification as quickly as possible. Find out more in our blog article and our first video in the TISAX ® series – simply explained.

Read more

Ransomware! How does malware get into the company?

Ransomware – A form of digital blackmail

Ransomware attacks are arguably one of the most widespread attack methods that cyber criminals use to harm companies. The attack method of digital blackmail aims to encrypt as many company-internal files as possible automatically. They should thus be made unusable for the company. The internal information can only be accessed again if the organization pays a ransom to the criminals and in return receives a decryption code for their unusable files. Encrypted files lead to production downtimes, reputational damage and financial losses in companies.

Read more