Certified ExpertS support Authorities and BusinesseS

IT Forensics, ISO27001 and Cyber Security

We help prevent and defend against cyber crime, business espionage and other infromation security risks.

Cyber Security Incident Response

Companies need during unexpected scenarios a response based on reasonable and focused approach towards cyber threats.

Our mission for a better future
Years Experience
0 +
Happy Clients
0 +
Countries
0
dispute value
0 m+

Advice for ISO 27001 Certification

Information security helps builds resilience for reliable business continuity. This leads to a positive ESG rating due to the sustainable business strategies of the leadership.

Besprechung der Maßnahmen zur Verbesserung der Informationssicherheit

ISO 27001 Consulting

Every company needs a reliable Information security management concept (ISMS). Our advice makes success easier for you.

Checkliste für ISO 27001 Zertifizierung

Certification Audits

Experienced ISO experts will accompany you during the audit of the certification body. This way you avoid frustration and conflicts.

ISO 27001 certifies compliance with information security

ISMS Documentation

A successful certification requires more than just a ISO 27001 template kit. We write the ISMS documents for you and safe you time.

The ISO/IEC27001 audit not only considers rules but also feasibility

ISO 27001 Certification

The ISO 27001 Certificate is easy to achieve when you prepare properly for the audit. Follow our step by step guide.

Integriertes Management System für ISO 27001 und Datenschutz

ISO27001 and GDPR

An integrated Management System for ISO 27001 and GDPR improves data protection and information security.

The phases, costs and requirements are explained in the initial consultation.

Free Consultation?

during our free consultation call we will explain to you the steps and associated costs of business certification.

Better protected with IT Forensics and Cyber Security

The risks of digital transformation are affecting all sizes of businesses. Even authorities and NGOs make use of ACATO’s expertise.

Besprechung der Maßnahmen zur Verbesserung der Informationssicherheit

IT Security Consulting

Every company needs an IT security concept to protect data, processes and vital stakeholders.

IT Security Audits

By checking your security measures you can reduce your risk expsosure and the annual insurance costs.

Digital Forensics

After an incident it is importnant to imediately let forensics secure and investigate evidence before it disappears.

Incidence Response

During a security incident one must act immediately, so to mitigate the damages evolving from the event.

Counter Espionage

Cyber Espionage and Sabotage are an increasing threat to corporations and innovative startups.

Cyber Attack Monitoring

Cyber criminals take advantage of unguarded assets and organisations, as they are easy to compromise.

Why can You be more successful with our help?

We are focused and innovative

Witness Experts

We write forensic reports for court disputes around the world. Even the most hopeless case will not deter us from tackling it.

Clear Communication

Complex aspects need to be summarized in an understadable manner. Decision makers need to be confident in handling a crisis.

Worldwide Available

Our Experts examine incidents in the UK, EU, Poland and in USA & CANADA.

Government Customers

For many years security authorities and government organisations utilize our special services to handle adverse scenarios.

Innovative Technology

We use industry standard security systems as well as our own special software to handle difficult Situations.

International Experts

Our Experts have experience in the fields of Cyber Security, Fraud Examination, digital Forensics and internationale court cases.

Businesses can gain a competitive advantage using ISO 27001

Why is Information Security so important?

The to the european legislation regularly adjusts itself to the economic situation in Europe. The number of data leaks, cyber attacks and the resulting impact for society are increasing. This is why UK and the EU have been developing a legal response to this trend. The EU has been enforcing GDPR now for some years. The United Kingdom has its own data privacy act: The Data Protection Act 2018. Unfortunately, companies need to make a greater effort to provent becoming victim to cyber crime and accidental data leaks. Legislation has been ramping up to enforce the new NIS 2.0 as it wants to improve business resilience of critical infrastructure providers. The new approach to information security leads to risk mitigation requirements trickling down to smaller suppliers of material and services.

In order to keep out of trouble and avoid suffering adverse ESG down rating, even smaller businesses need to look towards gaining the ISO 27001 certification. By implementing a certified Information Security Management System (ISMS) business owners and CEOs can prove they have made reasonable efforts to reduce the risk exposure of their organisation. On the other hand, this also allows to generate a competitive advantage as many competitors will not bother to protect their client’s data. Hence, such certified businesses display a greater trustworthyness and sustainable business leadership. To gain this desirable ISO 27001:2002 certificate, you need to have written a compliant documentation which the accredited certification body can examine. Those in your organisation handling sensitive information need to have attended an information security awareness training before the audit date. The internal audit is part of the process of information security required by the ISO 27001 standard. Our experts can releive you of a lot of paper work and save you great expenses. We will prepare you for the external audit and advocate on your behalf, should a lead auditor have a conflicting view of your security posture.

What do you need for the ISMS Documentation?

A Management System needs to fit the company's reality: All endangered assets, identified risks, relevant systems and required security measures and those responsible must be documented according to ISO 27001.

Who in my company needs to be trained?

All staff (incl. trainees and freelancers) must attend a Security Awareness Training based on their field of work. Internal Auditors and ISO 27001 Managers will require extensive training.

What are ISO 27001 certification bodies?

So that a company may apply for their ISO 27001 documentation be reviewed for conformity by contacting a certification body (CAB). The CAB dispatches an auditor to the company. The audit team will check documentation and implementation. Upon successful verification the ISO 27001 certificate may be issued.

What does an ISO 27001 Auditor do?

An ISO 27001 auditor reviews the documents of the Information Security Management Systems (ISMS) on their norm conformity. The auditor will inspect the implementation of the security measures in the company's routines. The Audit Report contains all observation along with the non-conformities. The certification body needs it for its decision process.

What are ISO 27001 Checklists for?

The ISO 27001 documentation can be highly complex and contain many documents. A checklist helps you avoid forgetting vital components of the ISMS. Some industries require very specific checklist in order to avoid failing an audit due to inconsistency.

How to best prepare for the ISO 27001 audit?

An ISO 27001 auditor prepares for an audit with a clear workflow in mind. This is why it is imminent for companies to also do their homework before the audit day arrives. All documents, trainings and briefings must be in place. Every vital person must be on standby to succeed.

What does ISO 27001 cost to implement?

An ISO 27001 project requires writing the documents, running internal audits as well as applying for the certification audit. Employees need relevant training.

How can an ISO 27001 consultant help me?

Creating an ISMS takes considerable time. If you are short in time, then you are well advised to let seasoned experts do the work for you. This will save you time, frustration and money.

Gain a better understanding by attending our events

If you would like to gain a better understanding of ISO 27001 and how to introduce it in your own organisation, then best attend one of our free informative workshops. These presentations are devivered by industry experts and experienced lead auditors.