Question 1

What does Security Consulting at DeltaSecure include?

Accepted Answer

Three core areas: (1) ISMS implementation per ISO/IEC 27001 or TISAX including policies, risk management, and training. (2) Audit preparation and support -- we bring your organization to audit-readiness through external audits. (3) Secure IT and cloud architecture (AWS/Azure/GCP) including concrete action items with timelines.

Question 2

How long does it take to build an ISMS?

Accepted Answer

Typical ISO 27001 or TISAX projects take 4-9 months from kick-off to audit, depending on company size and maturity level. With existing structures (e.g., established policies, clearly defined processes), 3-4 months may suffice. For a complete build-up in a mid-market company without prior experience, 9-12 months is realistic.

Question 3

Who are the DeltaSecure consultants?

Accepted Answer

Senior consultants with years of hands-on experience and relevant certifications (CISSP, CISA, CISM, ISO/IEC 27001 Lead Auditor / Lead Implementer). Managing Director Dominik Munsterer has led security projects for Commerzbank, Airbus, KfW, ADAC, Traton (MAN), ZF Friedrichshafen, and the German Federal Ministry of the Interior, among others.

Question 4

What does Security Consulting cost?

Accepted Answer

Billing is per day rate or as a fixed-price project based on scope. Day rates are in line with the market for senior consultants in the DACH region (exact pricing in individual proposals). For standard projects, we recommend a fixed price -- giving you budget certainty and us outcome responsibility.

Question 5

Does DeltaSecure also support the actual audit?

Accepted Answer

Yes. We accompany you on-site as audit support -- from pre-audit check through Stage 1 and Stage 2 audits to remediation of findings. For TISAX assessments, we have a 100% success rate across all projects to date.

Question 6

Does DeltaSecure also offer penetration tests?

Accepted Answer

Yes. Penetration tests are defined in a scoping workshop (web app, internal network, cloud infrastructure, Active Directory) and conducted per OSSTMM/PTES methodology. You receive a detailed report with severity ratings, reproduction steps, and concrete remediation recommendations.

Expert consulting

Our consulting services

ISMS Implementation

Audit

Secure IT & Cloud Architecture

Frequently Asked Questions

Clients