With the web-based tools "VdS Quick-Check", companies can obtain an initial picture of the status of their information processing, divided into the following topics:
- Information security (Office)
- Information Security (Production/ICS)
- Data protection
The questionnaires are used to determine the company's individual degree of fulfilment in various fields of action, such as organisation, technology, prevention and management or processing principles. Fast, detailed, free of charge and including a detailed report of the results with concrete recommendations for action.
Based on the results of the VdS Quick-Check for Information Security Management Systems, our auditors examine the measures taken for cyber security in your company on site. The VdS Quick-Audit is particularly suitable for smaller companies and usually takes one day. The audit report after completion of the investigation shows point by point which measures are already effective and uncovers existing gaps.
The results of the VdS-Quick Check on the General Data Protection Regulation (GDPR) form the basis for the Quick Audit, in which the data protection measures introduced in your company are examined on site by our auditors. The audit usually takes one day. The guidelines VdS 10010 serve as a guideline for this, with which you can implement the legal, organisational and technical requirements of the GDPR clearly structured and with manageable effort.
The sector-neutral VdS guidelines 10000 are a catalogue of measures for a management system that is specially tailored to SMEs and improves the information security status of a company. The minimum requirements for information security are formulated in an understandable way and are designed in such a way that SMEs are not overburdened organisationally and financially. The VdS 10000 guidelines are based on the recognised standards ISO 27001 and BSI-Grundschutz.
The sector-neutral VdS guidelines VdS 10010 are a catalogue of measures for a management system that is specially tailored to SMEs and improves the data protection status of a company - without overburdening the company organisationally and financially. The VdS 10010 guidelines are based on the EU General Data Protection Regulation (GDPR) and the current Federal Data Protection Act (BDSG-new).
Companies that do not have their own cyber know-how will need external help. VdS expressly recommends that these companies contact a VdS-approved cyber security consultant. The VdS certification shows that the consultants are among the top experts in the field of cyber security, know the VdS 10000 cyber guidelines and other relevant VdS protection standards and can implement them for their customers.
For reasons of efficiency and error prevention, companies will seek professional help in implementing VdS 10010 - especially to prepare optimally for a certification audit. VdS-approved consultants for data protection management in accordance with VdS 10010 offer this assistance. Information on the approval procedure can be found here.
The logical consequence as the next expansion stage after the VdS cyber services Quick Check-Quick Audit and Certification Audit in accordance with VdS 10000 is the establishment of an information security management system. ISO 27001 is the globally recognised requirement level for the establishment of such a management system.
Our courses on cyber security are events that take place in small groups. Depending on the course, e.g. group work and excursions are also planned. The participants receive comprehensive training documents and a certificate of attendance. After passing the exam, a certificate can also be issued.
Small and medium-sized companies in particular are often in the crosshairs of cyber criminals. One of the main reasons for this are the conventional security standards, which often overwhelm SMEs. With the publication of the guidelines "Information Security Management System for Small and Medium-Sized Enterprises (SME)" (VdS 10000) and the associated new range of services, VdS offers all SMEs the opportunity to close this security gap organisationally and financially with about 20 percent of the effort compared to the ISO/IEC 27001 series.