When it comes to data protection there is plenty to be done, particularly with regard to the new EU General Data Protection Regulation (GDPR). An external data protection officer from TÜV Hessen can help you save costs and inspire confidence among your customers.
Our modern organization aims to ensure that water and energy supplies, IT and mobility all run smoothly. The Federal Office for Information Security (BSI) and the Federal Office of Civil Protection and Disaster Assistance (BBK) have identified sectors and industries that operate critical infrastructure. These include organizations that are of significant importance for public welfare and the failure or impairment of which could have significant consequences for the population. Responsibility for protecting critical infrastructures such as these lies mainly with the respective owners or operators.
These operators must therefore take suitable measures to protect the infrastructure and prevent interruptions. These involve identifying, understanding and minimizing risks, and preparing for potential crisis scenarios. In Germany, protection for critical infrastructure is governed by the IT Security Act, the Act on the Federal Office for Information Security (BSIG) and significantly by the Regulation for Determining Critical Infrastructures as per the BSIG (BSI-KritisV).
Inspection report required
The BSI does not require certification. Instead, the law states that a suitably qualified inspection organization must verify protection. TÜV Hessen can help you to obtain the necessary verification report for the BSI.
This must be submitted every two years. Once the inspection is complete, we can create the required report for you so that you can submit it to the BSI.
The following sectors and industries are defined as critical infrastructures according to the IT Security Act. The threshold values in the BSI-KritisV indicate which companies are affected in these sectors:
Transport and traffic
Finance and insurance
IT and telecommunications
Media and culture