Given the pressure of regulatory and legislative demands on the one hand, and pressure to innovate on the other hand, proprietors of of critical infrastructure, network operators and other providers of digital services will continue to implement projects with information security at the core. Strong growth is expected in the area of management system certification in accordance with international standards such as ISO/IEC 27001 und ISO 22301. The AUDEG Certification Body is currently in the accreditation process by the German Accreditation Body (DAkkS). After successful completion, the AUDEG Certification Body will offer certifications according to ISO 27001.
Operators of critical infrastructure as covered by the BSI-Kritisverordnung (German Regulation on Determining Critical Infrastructures (BSI-KritisV)) are subject to a bi-annual assessment in accordance with § 8a BSIG and have to provide the necessary documentation to the BSI. AUDEG already meets all requirements for an auditing body in accordance with §8a BSIG (Federal act of information security) for operators of critical infrastructure and we are ready to assist you in achieving legal compliance with the BSI as well as all related assessments.
Auditors are playing a key role in this, because they are an important resource in the certification process. Auditors may be sole traders as well as employees in a company and organised in professional associations. They are appointed by one or more certification bodies, but are usually not their employers. The dependency of many auditors on the certification bodies is considerable while at the same time auditors rarely have a voice to influence professional as well as social matters within these bodies. The balance of power within the relationship auditor-certification body is highly asymmetrical and cannot be corrected due to a lack of an organisation to represent the auditor's interests.
AUDEG - Deutsche Auditoren eG was founded to effectively represent the interests of german auditors. Our uniqe concept enables us to combine auditing and certification thus creating time- and cost-efficient work processes. At the same time, we can guarantee the necessary independence through multi-layered checks and controls.