ISMS compliant to ISO 27001 and TISAX

The Gold Standard

Enhance reputation, effectively protect against cyber threats, demonstrate your company's level of information security to customers, suppliers, investors, and insurers, and reap the financial benefits of compliance with a recognized ISMS standard.

Competitive Advantage of Certified Information Security
The ticket to working with enterprise customers thanks to certified information security standards: Internationally recognized standards such as ISO 27001 and SOC 2 or industry standards such as TISAX - we accompany our customers from the very beginning through the process of establishing an ISMS, through the audits and also subsequently during operation.
Meeting Customer Requirements
More and more companies are obliging their business partners to implement an ISMS. In the automotive industry, the TISAX standard is made mandatory by many OEMs - now even for smaller business partners and throughout the entire supply chain. Complimate supports suppliers large and small on their way to a successful audit.
Governance, Risk, and Compliance
Complimate provides support in all areas of the ISMS establishment process, including the necessary governance, risk management, and compliance topics that are important for successful certification within the framework of an ISMS establishment.
Cyber Security
The core of information security today is IT and cyber security. We support IT departments in designing compliant processes and systems. We bring our experience in strategic IT decision-making processes to the table and support the development, evolution, evaluation, and prioritization of IT security initiatives.
Policies, Processes, Templates
Benefit from our prep work and use our proven templates for information security guidelines, policies and various other documents, as a starting point for further customization and individualization. Complimate's templates can be easily set up on SharePoint, Confluence, or other systems already present in the company.
Compliance Software and Security Platforms
Many advanced compliance software applications and platforms are on the market to simplify and accelerate the compliance process. We are happy to work with various applications and, if desired, support you in selecting and implementating these systems.
The Complimate Project Plan for ISMS

Well Accompanied from Assessment to Certification


1. Get-to-know

We get to know each other in an initial meeting. Complimate presents our method for successful ISMS projects, and you introduce us to your expectations, goals, and the available time frame.


2. Proposal

Based on the information gained from the initial meeting, we submit our offer to accompany the ISMS implementation project at your company.


3. InfoSec Assessment

We conduct a detailed assessment of your company's information security and use the results to refine the project plan and scope required resources.


4. Kick-Off

The cross-functional information security project team comes together to start the ISMS implementation project.


5. Establishing the ISMS

Establishing the ISMS with the development of the required policies, processes, and procedures as well as their operational implementation and changes to existing structures, represents the most extensive project phase.


6. Internal Audit

At the end of the establishment phase and with some time to spare before the actual audit, we conduct an internal audit, close existing gaps, and define corrective action plans (CAPA).


7. Audit

Depending on the scope and the number of sites to be audited, the audit with the certification body may take a week or longer.


8. Remediation and Corrective
Action Plan

After completion of the audit, we provide support, if necessary, for measures relating to deviations identified by the audit service provider.

Beyond the ISMS establishment project, we are happy to accompany our customers as information security officers (ISO) permanently and develop the ISMS further in the long term under the PDCA cycle through the audit cycles and follow-up audits.

An ISMS requires ongoing support, further development, and auditing to ensure that it remains an effective management system. Classic follow-up tasks are, for example, measuring the effectiveness and efficiency of the established guidelines and processes through corresponding KPIs, which are used to refine the system.

Scare Resources

"Especially with smaller customers, ISMS projects usually take tighter timeframes and fewer resources. This is a challenge for which we provide the matching methods, support, and services."

Foto von Arne Halenza