500+ customers place their trust in us - from startups to large companies
The flexible solution for your information security
What is an external ISO?
An information security officer (ISO) is responsible for protecting sensitive information, implementing legal requirements and further developing the information security management system (ISMS). However, small and medium-sized companies in particular often lack the time, expertise or human resources to adequately fill this role internally.
An external ISO is a qualified expert who takes on these tasks - not as part of your company, but as a specialized service provider with a neutral view from the outside.
HvS-Consulting provides you with experienced and certified information security officers who can quickly integrate into your organization, keep an eye on risks and implement practical security measures.
This way, you will benefit from an ISO who not only documents, but also effectively shapes information security in everyday business life.
Making sure your everyday information security works
Duties of an information security officer (ISO)
Our external ISO not only takes on formal duties in your company, but also ensures that information security works on a day-to-day basis - in a practical, binding manner and tailored to your organization. We can support you with the following tasks, among others:
Filling an internal ISO position costs time, money and nerves. Our external ISO is available without a long wait - ready to support you with full expertise.
Flexible. Experienced. Reliable. Experts who live for security!
The advantages of an external ISO
Ready in no time
No long onboarding or recruiting processes. Our ISOs are available immediately and start with full know-how.
Objective and neutral
Our experts recognize risks unbiased and at an early stage - for maximum security.
Saves time for your team
Internal resources are being relieved so you can concentrate on your core business.
Secure for audits & tests
ISO 27001, TISAX etc.: We know the requirements and know what auditors look for.
Seamless collaboration
We work closely and efficiently with your internal IT and management - without any frictional losses.
Flexible & predictable costs
Our services are tailored to your needs - from short-term support to long-term partnerships. Always with a transparent & calculable cost structure.
Specialist qualification
Our ISOs have in-depth specialist knowledge and structured working methods that will advance your security.
Proven solutions
Not just theory and bureaucracy: we deliver tangible measures that work in everyday life.
Resilience & awareness
Practiced information security strengthens your company in the long term. We also offer awareness training for all employees.
Our service packages at a glance
We offer three different packages, S, M and L, to suit your individual requirements - as much support as necessary, as little effort and cost as possible.
Please contact us for an individual offer.
The duration of the cooperation can either be fixed in advance or concluded for an indefinite period.
Our packages /
costs
Package S
Package M
Package L
Individual
Personnel per week
0,5 person day
1 person day
1,5 person days
By time and effort
Personnel per year
22 person days
44 person days
66 person days
By time and effort
Monthly flat rate
3.600 Euro
7.200 Euro
10.700 Euro
By time and effort
Expense per year
37.000 Euro
74.000 Euro
112.000 Euro
By time and effort
Get in touch now
We will work with you to develop individual and practical information security solutions - efficient and tailor-made for your company.
Our experienced expert for your information security:
Mario Melmer – Information Security Consultant
With over 6 years of experience, Mario Melmer supports companies in the establishment and further development of information security management systems (ISMS). He offers coaching, consulting and training around ISMS and conducts audits and gap analyses.
His qualifications include:
- ISO 27001 Lead Auditor & Lead Implementer
- BSI IT-Grundschutz expert
- Additional test procedure competence acc. §8a BSIG
- TOGAF 9.2 Certified
- GDPR Practitioner
- ITILv3
- Professional Scrum Product Owner
He leads a team of experienced experts and ensures that security services always meet the highest quality standards.
With his in-depth know-how, Mario Melmer provides practical, effective security solutions that are precisely tailored to your company's needs.
External ISO: Frequently asked questions
Not across the board - but in many cases de facto necessary due to regulations. We take a closer look at this question in our blog article.
Our service is aimed at start-ups, small and medium-sized enterprises (SMEs) and larger companies that have already established an information security management system (ISMS) but have not (yet) appointed a permanent ISO.
The participation of our IS experts in audits is generally possible, but is not part of the standard scope of services and is offered and invoiced separately.
Yes, our external ISO assesses your organization's unique risks based on industry, size and security standards, ensuring that security policies are targeted to your threat landscape rather than using generic templates that may not adequately protect your organization.
With over 80 highly qualified cyber security experts and more than 20 years of experience, we support over 500 satisfied customers - including 50% of DAX-listed corporations and hundreds of medium-sized companies.
In addition, we have already sensitized over 1 million employees, managers, administrators and developers with our awareness training.
We are convinced that the values of our society must also be protected in cyberspace. That is why we help organizations to protect themselves with the right combination of technologies, processes and people.
In concrete terms, this means:
- We make individual risks and threats tangible and understandable (Identify).
- We increase resilience to cyber attacks through targeted measures (Protect).
- We develop concepts to detect cyber attacks promptly (Detect).
- We limit the damage caused by cyber attacks through good preparation and a professional response (Respond).
- We help companies to get back up and running quickly after an attack (Recover).
In all of this, we take the approach of transferring successful cyber security strategies from corporations to SMEs with a sense of proportion and pragmatism, using high-quality best practices and standards.
In short: we see ourselves as a “boutique” and deliver quality instead of quantity.
Other services that might interest you
In an IT emergency, every second counts - our incident response experts are on hand 24/7 to provide you with professional assistance. With a framework agreement, you have prioritized treatment compared to new customers.
Which systems are accessible and potentially vulnerable? Our vulnerability scan identifies security gaps, shadow IT and forgotten services - before attackers do.
Security audits are your opportunity to have the efficiency and effectiveness of your established ISMS confirmed. Arrange an audit appointment with us today.
Sensitize your employees, managers, administrators and developers with a holistic cyber security awareness campaign.