As a security and risk manager certified in accordance with the Austrian norms ONR 49000 and ÖNORM S 2400 ff., I carry out needs-based security and risk analyses. When this is done, either existing security managment systems are evaluated or the information relevant to implementation of a new security concept is analysed. The objective is to prepare an analytical report as the starting point for further security managment measures.
On the basis of the security and risk analysis, the protection objectives are defined and a security concept is prepared. The framework is provided by the minimum requirements for the specified security standards that I have worked out together with my clients as well as by definition of the residual risk deemed acceptable. To facilitate realistic implementation of the planned security measures, my security concepts are always guided by the real-life requirements of my clients.
Based on the type and extent of the security measures included in the security concept, when applying these measures in practice I take advantage of the professional network of security experts that is available to me. On the one hand, this means that my clients benefit from high-quality implementation of the required measures by competent specialists and, on the other hand, they benefit from my continued availability to them as the contact person who accompanies the implementation.