
After studying the new DIN (Deutsches Institut für Normung) specification and attending a training event at the BSI (Bundesamt für Sicherheit in der Informationstechnik / German Federal Office for Information Security) on using the software for carrying out the CyberRisikoCheck in accordance with DIN SPEC 27076 “IT-Sicherheitsberatung für Klein- und Kleinstunternehmen”, we are pleased to now offer this check.

The check itself

This check consists of several steps, which can be roughly summarized as follows:

  • Initial meeting (basic procedure, required preparation on the customer side)
  • Carrying out the cyber risk check (the questions are answered by management and, if necessary, the person in the IT manager role, resulting in a completed questionnaire and a risk status value)
  • Discussion of the result (explanation of the risk status value, recommendations for taking and prioritizing measures, if necessary)

There are currently a total of 27 questions from 6 fields of action that must be answered and evaluated. The use of the software provided by the Federal Office is not mandatory.

Further information on the CyberRisikoCheck

Additional information on the CyberRisikoCheck and available service providers can be found, for example, at the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik).

Thinking “outside the box”

Of course, we can also support you on the basis of other frameworks, norms and standards. In the field of information security, you may be familiar with ISO/IEC 27001, the BSI standards (200-x) or the industry-specific security standards (B3S) against the background of applicable KRITIS requirements at national level in Germany. In the area of business continuity management, ISO/IEC 22301 or the BSI standard 200-4 may be familiar.