Management
Projects
Manage agile, traditional or hybrid projects.
Processes
Optimally manage and model processes.
IT Security
IT security standards
implement and live.
Interim
Perform temporary support and coaching.
Projects
Based on our many years of experience in project management, we carry out projects of all sizes not only in the agile world, but also in traditional or hybrid environments. We see ourselves as intermediaries between expertise and implementation, meaning that we aim to understand the project content to such an extent that professional project management can be implemented. Depending on the client's preferences, we follow PM standards such as IPMA, PRINCE2, Scrum or SAFe.
We also provide consulting services for the implementation of such standards, among other things, as part of the introduction of PM manuals or overarching standards such as CMMi.
We also provide consulting services for the implementation of such standards, among other things, as part of the introduction of PM manuals or overarching standards such as CMMi.
Processes
We provide support in the creation and documentation of processes and process models, such as for business processes, software development or product development. In process modeling, we focus on achieving the highest possible level of automation. We have extensive experience in compliance areas such as ISO27000, CMMi or BAIT. For documentation, we use standards such as BPMN and best practice software such as Signavio, ARCIS or Visio. Process orchestrators like Camunda are used for process automation.
IT Security
Our experience in IT security ranges from implementing security standards such as BSI basic protection, ISO27000 or BAIT to implementing IAM / PAM systems (OneIdentity, Forgerock, Tenfold), setting up SOC / SIEM, and optimizing security through the introduction of IT policies, defining naming conventions, introducing automated processes in user and rights management, or setting up jump servers, transfer platforms or introducing zero trust frameworks.
Interim
As interim managers, we take responsibility for leading departments or teams, with a particular focus on IT and product development departments. Our experienced staff guarantee a very rapid familiarization with your topics, taking into account the existing corporate culture, and in close coordination with our clients, focusing and implementing on the specified goals. We can also actively support change management for required reorganizations.
Technologies
PAM
Secure administrative access to the IT infrastructure.
Cloud
Implement and secure Microsoft M365 in a controlled manner.
IAM
Automate user and rights management.
SOC / SIEM
Detect and defend against cyberattacks.
PAM
In Privileged Access Management, we take care of the authorization management on the administrative side of the IT infrastructure, especially in critical infrastructure companies. PAM accounts are classified and embedded in user and rights management processes, which are implemented as automated as possible depending on the requirements. Management systems such as Forgerock, OneIdentity or Tenfold are used in conjunction with orchestration systems such as Camunda. In addition, target architectures such as Zero Trust Frameworks are supported to achieve the highest possible security standard. Regulatory requirements such as ISO27000, BSI basic protection, or BAIT are usually also taken into account here.
Cloud
We support you in the implementation of Microsoft M365, particularly in the administrative setup for hybrid architectures, including the integration between Azure AD and on-prem AD, where the synchronization between the two directories needs to be designed. Furthermore, an IT security concept must be created that secures the endpoints in use, for example with MFA and integrated hardware and software supply processes.
IAM
The introduction and expansion of products such as Quest OneIdentity, Forgerock Identity Platform, or Tenfold are the focus of our consulting services related to Identity & Access Management. We support the design of processes related to the user lifecycle, the definition of account types, AD structures, or naming conventions. In this context, we also advise on file server hardening, for example, against ransomware attacks, in defining file server permissions and structures, and accompany necessary document classification and file server migrations. To achieve the highest possible degree of automation in the ULC process, we support the integration of HR systems, AD/AAD, KISS, SAP, as well as systems for managing software permissions and distribution.
SOC / SIEM
In the context of the new requirements of the IT Security Act 2.0, the introduction of SOC/SIEM infrastructures is particularly necessary for critical infrastructure companies. We organize the introduction of the technology for you, including the architecture of transfer networks, network, system and application monitoring, firewall authorizations, the setup and connection of sensors, the necessary measures to reduce vulnerabilities, if necessary, and the ramp-up process for interpreting sensor results, as well as the definition and introduction of rule and emergency processes.
Sectors
Telecommunications
Energy
Finance
Engineering
Telecommunications
Experience in the telecommunications sector:
- Program management for IPTV (service delivery, sales)
- IPTV risk management
- Architecture management for wholesale customers
- Introduction of risk management, process analysis and documentation (BPMN, Camunda)
- Integration, release management processes, product rollout & deployment management
- Introduction of a product development process based on CMMi with BPMN (Camunda)
- Process analysis, process development, process quality, management of the process team
- Identity management for end customers in mobile/fixed network
- Adaptation of business processes (BPMN, ARIS), integration of data warehouse (DWH)
- Provisioning management in the area of AAA domains
- Introduction of OpenID/OAuth2 infrastructure
- Organization and implementation of an international software rollout in seven countries
Energy
Experience in the field of energy supply:
- E2E processes campaign management / customer / consent data.
- Adaptation of E2E processes for DSGVO Consent Management
- Assessment of DSGVO conformity, proposal of measures
- Technical concept creation, epics and user stories as product owner
- Technical analyses and reports from the data warehouse (DWH)
- Analysis AD / AAD / conception file server authorization structure
- Concept creation for IAM automation
- Ensuring compliance regarding ISO2700, Kritis, DSGVO
- Compliance with BSI requirements regarding SOC / SIEM for KRITIS
- Definition of network topology of SOC connection for OT and IT Prioritization of the assets to be connected
- Definition of operational processes between end customer, provider, SOC
- Control of the "false positive" phase
- Implementation of a jump server and file transfer platform solution
- Classification of login procedures for all customer applications
Finance
Experience in the area of finance:
Derivation of measures from PAM audit findings according to §30 and §44 of the German Banking Act (KWG)
Analysis of actual and conception of target use cases for PAM accesses
Derivation of measures from PAM audit findings according to §30 and §44 of the German Banking Act (KWG)
Analysis of actual and conception of target use cases for PAM accesses
- Creation of a PAM concept for a banking group
- Identification of all PAM assets and definition of an asset handling process
- Creation of an access concept for PAM for the technologies used
- Definition of PAM account types
- Definition of approval processes for assets and their authorizations
- Integration of the systems required for PAM access management such as Quest OneIdentity, Ivanti HEAT / CMDB, Wallix Bastion, Cisco ISE, Tufin and Active Directory
- Design of a technical access process for PAM access based on the Zero Trust Model and the jump server solution Wallix Bastion
- Ensuring conformity with BAIT, ISO2700, DSGVO, NIST
Mechanical Engineering
Experience in the field of mechanical engineering:
- Management consulting for a post-merger transformation.
- Transformation of the machine level for IoT and digitalization
- Introduction of standards / norms (e.g. ISA88 / ISA95)
- Process analyses and adaptations, value chain analyses, BPMN
- Conversion of organizational structure: special to standard machine building
- portfolio management
- Interim management R&D
- Introduction of Scrum and Requirement Management
- Quality management engineering process (hardware / software)
- Introduction of monitoring and CIP tools for management