We will process your request as soon as possible and get back to you!

Your data will be treated confidentially.


Jürgen Günther - antares Informations-Systeme GmbH

Jürgen Günther - Management

Contact for GRC management software

Assistance in selecting the right GRC software solution

mail contact

Would you like to be called back?

We are here for you!


E-mail: info@antares-is.de

Phone: +49 7331 3076-0

Fax: +49 7331 3076-76


antares Informations-Systeme GmbH

Stuttgarter Straße 99

73312 Geislingen an der Steige 

Your data will be treated confidentially.

Subscribe to our quarterly newsletter and stay informed.

Your data will be treated confidentially.


ISO standard 27001 - Greater security for your IT systems

By certifying your ISMS according to ISO 27001

Anyone heavily involved with the subject of IT security within a company and explicitly familiar with the standard operations of an ISMS will have surely come across the term ISO 27001. It comprises an international standard for information security which can be implemented in any type of organisation and business – DIN ISO/IEC 27001.

The standard outlines the requirements for the implementation, maintenance, documentation and ongoing improvement of an Information Security Management System (ISMS). The confidentiality, integrity and availability of information are at its core. This ensures that your data is optimally used and securely stored. The standard also ensures the availability of all systems related to company processes. The choice of suitable security mechanisms guarantees the protection of all values and value-added chains.

With DIN ISO/IEC 27001 certification, you can

  • recognise risks early on and take appropriate actions.
  • systematically discover weak points.
  • ensure reliable protection of confidential data and information.
  • minimise costs (process/financing/IT costs).
  • promote a greater culture of security within your organisation.
  • increase the competitiveness of your company.
  • acquire or increase the trust of prospective customers, existing customers and business partners.

We are a licensed producer of IT baseline protection tools.

Lizenzierter Grundschutzbeauftragter

ISO 27001 certification

Through certification of the existing Information Security Management System, your company shows that it complies with and implements information security requirements and measures for protecting data.

There are two fundamental types of certification – directly according to ISO 27001 and based on IT baseline protection. The requirements of both involve the existence of an Information Security Management System (ISMS). Along with identifying your company’s values and their documentation, potential security risks must be identified, assessed and monitored. If the standard is applied, a certification audit must be carried out by a certification body.

ISO 27001 certification can be carried out for the entire company as well as a particular area of application.

Further information about certification and endorsement of the standard can be found on the website of the German Federal Office for Information Technology Security (BSI).

ISO 27001 certification process

In order to certify an Information Security Management System according to ISO 27001, your company must undergo a multi-stage audit process. This is carried out by one or more independent certified auditors.

  • null
    Pre-audit: Audit of all documents by the auditor for their completeness and conformity with the standard.
  • null
    Certification audit: Audit of documentation and the effectiveness of the ISMS within the company, amendments if deviations occur. Creation of the audit report including an evaluation of the management system.
  • null
    Distribution of the certificate: Following a successful audit, the certificate and quality seal are issued for a maximum of 3 years.
  • null
    Follow-up audits: In the second and third year (once annually) after certification, the management system’s information security is checked to ensure that it still complies with the standard requirements.
  • null
    Renewal of certification: The certificate must be renewed after 3 years.
ISO 27001-Zertifizierung
How do you integrate an effective ISMS?
Read more

Company management is responsible for taking suitable measures to fulfil security objectives. Various standards, such as ISO 27001, provide a source of reference to help introduce an Information Security Management System.

The important thing is to integrate information security directly into the business processes and observe which information is relevant and needs to be protected.

With our Information Security Management System antares RiMIS ISMS, weak points are identified, threats recognised, relevant protection measures taken and opportunities seized.

How do you integrate an effective ISMS?
  • Target group-oriented documentation (document management)!
  • Clear answers to the following questions: Who needs to know what?
  • Which instructions do which groups need on a daily basis?
  • Where/how is role-based training integrated?
  • Implementation of ongoing measures within a company to introduce a culture of information security
  • Jürgen Günther - antares Informations-Systeme GmbH

    Jürgen Günther


    Contact person for GRC management software

    mail contactxing contactlinkedin contact


Together we will set up an integrated information security management system (ISMS) for you in order to initiate and implement measures for information security, to monitor them and to check them continuously.

We would be happy to advise you on the selection of the BI software solution according to your individual requirements and help you to design your IT strategy.

We show you the way to solve concrete problems.

Use the know-how of our software experts.

The benefits for you


Risks are not only pragmatically indexed; the early risk detection system integrated into our GRC solution enables you to proactively prevent risks and find the ideal path forward with the controlling of measures.


Complex processes are easy to use thanks to the intuitive interface structure and modern, web-based design. Self-explanatory dashboards and graphics simplify day-to-day dealings and achieve fast results, such as the drill-down method.


Along with standardised data transfer, optimum integration into your IT environment allows for customisable design which can be adapted to your guidelines and requirements in opportunity and risk management.


The fast implementation time and individual expandability is seamlessly integrated into your workflow without disruptions. Generate an optimum risk strategy in no time at all with antares RiMIS.


Corresponds to § 317 para. 4 HGB and Auditing Standard IDW PS 340, meets BilMoG requirements and paves the way to prevent violation of the Sarbanes-Oxley Act. Takes into account the aspects of KonTraG, ISO 31000, IDW (E) PS 981, COSO II as well as ONR 49000 and ÖNORM S 2410 and is based on IEC 62198.


The intuitive screen structure and email-supported workflow from creation to automatically created risk reports ensures a seamless and efficient risk management process.

antares RiMIS references

Our promise