External Information Security Officer

Cost Savings
Save high implementation costs with our long-standing professional experience, shaped by entrepreneurial pragmatism and a well-sorted toolbox. We are independent of vendors and are therefore in a position to offer organizational and technical solutions that, to some extent, fit better than expensive hardware and software from security vendors.

Security by Continuity
You have decided that information security should be a strategic component of your enterprise risk management? You understand that information security is a process to safeguard the sustainability of your investments and a permanent gain in security, rather than only one-time measures like a flash in the pan.

IT-Security Officer or Information Security Officer?
We understand information holistically, regardless of whether it is processed with the help of IT. Because the term IT security is predominant, we use it synonymously with information security. We promise to practice information security not (only) from the IT point of view.

Key Role Employee
The best security technology loses its protective function if your employees don't pull together when it comes to information security. An important objective is therefore to create security awareness and change the behavior of your employees. Only with knowledge about threats and accepted personal responsibility can vulnerabilities be detected early and closed in time.

Standards and Best Practice
Security standards help you avoid reinventing the wheel and find a common language with business partners. Depending on the requirements, you decide whether to use standards as a rough orientation or to comply with them fully.

Common tasks of an information security officer are:

  • Information security management according to ISO 27001
  • Preparation of security concepts
  • Creation and maintenance of information security policies and guidelines
  • Information security risk management pursuant to ISO 27005
  • Business continuity management
  • Information security incident handling
  • Information security awareness programs and trainings
  • Planning and conducting penetration tests
  • Planning and conducting vulnerability assessments / security analyses
  • Creation of identity management and access control concepts
  • Creation of physical access control concepts and concepts about physical security
  • Creation of hardening guides for operating systems, databases, applications, network components, VoIP and implementation of hardening
  • Security reporting (KPIs, risk and threat level, security incidents, ...)

More information security services:

Information security service offerings

We would be pleased to prepare a detailed and customized offer for your company.
Certifications of our experts
  • Data Protection Officer (TÜV)
  • Data Protection Auditor DSA-TÜV
  • Certified Data Protection Officer (udiszert)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • BSI ISO/IEC 27001:2005 Lead Auditor
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • ITIL Foundation Certified
"Data protection and information security are crucial for every company. Save costs in these challenging areas by an external data protection officer and information security expert. We are pleased to help."

Martin Holzhofer,
Holzhofer Consulting GmbH