Our Services

We cover the entire SRC range

Our approach

At SRC Security Risk Compliance GmbH, we follow a risk-based approach when describing our services. Ultimately, all services aim, depending on the risk appetite, to eliminate, mitigate or, depending on the impact, ignore risks. We do not base our strongly technology-driven approach solely on the fact that the main risks correspond to technology and cyber risks.

Top 10 risks for the year 2021

Representation of the essential SRC domains

Security
Our holistic service includes auditing, establishment, implementation, and management of an ISMS suite based on recognized standards (ISO 27001, NIST, SOC2, etc.)
Risk Management
Services include, but are not limited to, identification of relevant risks, development of customized risk scenarios and assessment approaches for IT and non-IT stakeholders
IT Compliance
Develop industry/technology-based compliance and security approaches and compliance dashboards and reports to map operational effectiveness of controls
Internal Control System
Design, implementation and further development of an ICS as well as overall or partial ICS Health Check (audit and/or evaluation)
Automation
Planning, design and implementation of internal, scalable control automation to increase efficiency
Data Analytics
Creation of (data) pipelines and dashboards for clear, concise, holistic and real-time risk assessment

Corporate KNOWHOW aligned with STARTUP Spirit

We are a dynamic consulting startup. With the help of state-of-the-art information technologies, we help our customers to sustainably optimize their processes, organizational structures and workflows, as well as to design information structures in such a way that internal and external requirements can be met efficiently and in line with quality standards.

1
Familiarity with customer wishes
We start with the customer and work backwards from there. We work constantly to gain and retain the trust of our customers. We have the implementation power to realize innovations. We empower your company and your employees as a team to drive digital transformation for the long term.
2
Digitization of processes that are difficult to automate
Security Risk Compliance GmbH is not a classic consulting firm: We are courageous pioneers, ambitious founders, and creative minds who work together respectfully and with strong implementation skills. We energetically develop ideas that we methodically implement as a team. In doing so, we place great importance on automation through digital tools.
3
Use of proven innovative methods
We promote a decision-making process based on appropriate data analysis, relevant information research and the credibility of the decision-makers. By using proven IT tools, project approaches and our professional expertise, we help you optimize your processes sustainably and efficiently.

Detailed (risk-oriented) SRC performance overview

Technology risks

IT Process Improvement
IT Policy and Procedure Review, Master Data Management Review, IT Governance Advisory Services, Application Security Advisory, Project Risk Management
Financial Audit IT Integration
Application Control Review, Information System Audit, Segregation of Duties Review
Internal controls & Regulatory compliance
Preparation and Readiness, Service Organizations Controls, Reporting Management Reporting
Software Asset Management
Software Asset Management
Consulting ISO Implementation
ISO 27001 Certification Advisory
Third Party Risk Management
Contractual Compliance, Vendor Risk Services
IT Assurance
IT Due Diligence

Cyber Risk

Cyber Risk Management
Strategy and Governance, Cyber Program Management, Culture and skill enablement, Risk and compliance management, Architecture and business enablement
Digital Identity & access
Identity governance and administration, Access and authentication, Digital and customer IAM, Privileged access management
Data and application protection
Encryption and obfuscation, Data loss prevention, PCI Data Security Standard, Network Security, End Point Security, Cloud Security
Privacy
Data privacy compliance, Data Classification and Identification, Data Security Governance, GDPR
Cyber threat management
Cyber Security Monitoring (MIST / SOC), Vulnerability Assessment & Penetration Testing
Cyber Resilience
BCM / IT DR, Breach response and recovery
IoT / OT
IoT / OT Security Architecture, Critical Infrastructure Protection and IoT/OT process safety, Digital SOC and IoT security, IoT Security transformation

SRC Tools

SRC Dashboard
Digital solution for setting control standards, measuring performance, and taking corrective action.
SRC Controller
Automations for internal audits and periodic monitoring with dashboard-based results.
SRC Molecule
Solution for software management requirements that enables contract management, software implementations, compliance position and maturity assessments.
SRC Project Management
Maturity assessment of the information security program and extraction of improvement potentials
By Jaber Kakar

Your guide to a holistic approach to security

Comprehensive process for achieving information security and regulatory compliance
White paper - Compliance consulting

Information security:
A holistic digital approach

Learn more about how to effectively meet compliance and information security requirements