We analyze and benchmark the information security level of the organization, department or system in scope, based on international standards (ISO 27001, 27002, SANS 20, IEC 62443, NERC CIP, etc.) to plan security mitigation measures based on facts.
Understanding and managing information and IT security in an organization can be a complex undertaking. Getting a bird’s eye view of your current information and IT security landscape is the foundation to understand where you are and what strategic and tactical steps need to be taken.
With our ISO security audits you can easily determine your organization’s information and IT security strengths and weaknesses, and derive measures to better protect your assets.
Oneconsult will support you in this endeavor, applying relevant international information and IT security standards to assess your situation and taking into account your industry- and organization-specific circumstances.
We have a team of certified ISO 27001 Lead Auditors. Depending on your requirements, our security audits may be carried out based on ISO 27001, ISO 27002 or your own methodology.
Depending on customer requirements and context, our security audits may be based on different standards or recommendations.
Information and IT security standards:
ICS (SCADA / DCS) standards:
Oneconsult AG is an internationally operating Swiss cyber security consulting company with offices in Switzerland and Germany, a customer base of 250+ organizations and 1000+ completed security projects worldwide. We are your trustworthy partner for a holistic cyber security approach against external and internal threats such as APT, hacker attacks, malware infection, digital fraud and data leakage. Our core services are penetration tests, ISO 27001 security audits and IT forensics. To protect your organization and mitigate specific information security risks, Oneconsult also offers practical security consulting, security training and virtual security officer services. We have dedicated IT security researchers and a large team of certified penetration testers (OPST, OSCP, etc.), digital forensics experts (GCFE) and ISO security auditors (ISO 27001 Lead Auditor).