External IT security officer
for your company in Germany

The introduction and implementation of an IT security management system (ISMS) to ensure corporate data security is only possible with the appropriately qualified IT security officers (i.e. data security officials). These professionals in particularly are rare commodities on the market or cannot be sufficiently utilized in order to justify a permanent position. Therefore, for most companies (in Germany), the appointment of an external IT or data security officer is advisable.

Duties of an external IT security officer

As a general rule, the IT security officer should represent a supervisory/control function for internal or external IT. Extensive technical and organisational know-how is required for this. However, employees as internal IT security officers will get operational tunnel vision after a certain period of time in the company. Via their work in different companies, external service providers have had comprehensive experiences and maintain a meaningful critical distance, which internal employees normally do not.

As an external IT security officer, the experts of activeMind AG assist you in carrying out the monitoring and advisory function in your company. This is how we make a significant contribution to your data security and, if requested, we’ll accompany you all the way to an ISO 27001 certification.

Cost of an external IT security officer

The expense for an external officer for information and IT security depends greatly the organizational and technical structures of your company. Together with you, we determine which ISMS fits best for your company on an individual basis. In general, we offer data security services as the following packages at the fixed price:

Our IT experts

  • Experienced auditors

    The activeMind AG experts are licensed and active auditors for ISO 27001 (TÜV Hessen) [Technical Control Association] and ISO 27001 based on IT protection of the Federal Office for Information Security [Bundesamt für Sicherheit in der Informationstechnik – BSI]. We know which certifications for companies are optimal and how to get them.

  • Optimised processes

    The employees at activeMind AG possess self-developed training and inspection models, which have been tested over many years. We provide companies with immediate, compact reports with maturity levels, key figures and prioritisation for their to-do lists.

  • Technical expertise

    The consultants at activeMind AG are capable of independently examining all technical aspects. With our comprehensive IT knowledge, we can identify and close possible security gaps directly on site.

  • Data Security

  • Compliance with the minimum requirements of data security
  • Conducting an internal
    audit annually
  • Support with ISO 27001 certification
  • Data Security

  • Compliance with the minimum requirements of data security
  • Conducting an internal audit annually:
    security audit
  • Support with ISO 27001 certification
  • Data Security
    Management (ISO 27001)

  • Compliance with the minimum requirements of data security
  • Conducting an internal audit annually:
    ISO 27001 compliant
  • Support with ISO 27001 certification

Detailed services, data security packages: Basis, Business and Management (ISO 27001)

Data Security
Data Security
Data Security
(ISO 27001)
Appointment of an IT security officer
Status report and meeting 1 x annually 1 x annually 1 x annually
Training employees (any number) at the corporate headquarters 1 x annually 1 x annually 1 x annually
Access to the online-training portal for a maximum of 50 employees
Support on inquiries relevant to data security (any number) Per inquiry ≤ 15 minutes Per inquiry ≤ 30 minutes Per inquiry ≤ 60 minutes
Conducting internal audits with reports security audit (1 x annually) ISO 27001 compliant audit (1 x annually)
Inspection of data backup (server) 1 x annually 1 x annually
Inspection of the firewall, remote access rules for a maximum of 25 rules 1 x annually 1 x annually
Support with ISO 27001 certification audits Max. 5 days annually
Workshop creating a risk management system
Risk analysis update 1 x annually
Creation of ISO 27001 SoA
Draft security policy
Draft authorisation allocation guideline
Draft remote access guideline
Draft data backup guideline
Draft of a network plan up to 50 systems
Draft firewall guideline
Draft virus protection guideline
Draft risk management guideline
Draft change management guideline
Draft error management guideline
Draft security incident guideline
Draft use of corporate resources guideline
Draft system logging guideline
Draft communication guideline
Draft guideline for roles and responsibilities in data security
Central administration portal for regulations

Form for a free inquiry

Simply send us a little information on your company so that we can create an individualized and unbinding offer for you. We will contact you immediately!

Please share the following information to receive a personal offer:

0 + 7 = ?

Satisfied activeMind AG customers