top of page
Image by Nina

IT security check
DIN SPEC 27076

Optimal IT security consulting for small and medium-sized companies

The CyberRisko-Check helps you to uncover weak points and to maintain your company's success through a secure IT infrastructure. With our tailor-made recommendations for action, you set the right priorities for your IT security.

Graue Oberfläche

Stay future-proof with the cyber risk check for small businesses

Many small and medium-sized enterprises (SMEs) would like to do more for their IT security, but often don't know how. The typical standards such as the IT baseline protection compendium of the BSI or the ISO/IEC27001 standard are in most cases not optimal for companies with fewer than 50 employees.

In order to also support small and medium-sized companies, a consortium for the development of a DIN specification was founded in cooperation with the Federal Association of Small and Medium-Sized Businesses (BVMW).

The result of the consortium's eight-month work is DIN SPEC 27076 "IT security consulting for small and micro-enterprises" and the CyberRisikoCheck based on it. Through this, SMEs can receive standardized advice from IT service providers that is specially tailored to their needs. The recommendations for action for SMEs were also standardized in the DIN SPEC. As a result, both the client and the contractor know what service is to be expected or to be provided.

Specially designed for small and medium-sized businesses

Comprehensive view of your IT landscape, organizational measures and risks.

Full report with concrete recommendations for action

As a result, you will receive an understandable report with specific guidelines and recommendations to make your company more secure.

Vendor neutral and independent

We look at your IT systems independently of the devices and manufacturers you use.

Progress control through 27 defined test criteria for recurring checks

Keep track of your current security level and progress through clearly described criteria and security goals.

Image by krakenimages

Optimal IT security consulting for small companies

With us, you will find out in the shortest possible time what the current situation is in your company.

We give you clear recommendations for action and show you relentlessly where security problems lie and how they can be solved.

We would be happy to actively support you in implementing a secure IT infrastructure.

Graue Oberfläche

What is DIN SPEC 27076?

DIN SPEC 27076 is a new consulting standard for improving IT and information security in small companies in a cost- and time-efficient manner. But it can also be applied to larger, medium-sized companies.

The CyberRisiko-Check is used by IT service providers and creates an offer for industry-independent and needs-based advice for better IT security in your company.

The CyberRisk Check defines 27 test criteria that companies must meet in order to minimize the most relevant security risks and to close open gateways for attackers. These are queried by us in short sessions, either on site or digitally, in an understandable way and then evaluated.

Based on the results, you will receive a meaningful report, ideas and recommendations for action that you can use to improve your corporate security. On request, we will also actively support you in the implementation.

While previous standards, such as a large part of the BSI basic protection or ISO/IEC 27001, are often too extensive and too expensive, DIN SPEC 27076 pursues a particularly needs-based and practical approach without excessive complexity.

What are the advantages of consulting according to DIN SPEC 27076?

With the new standard, the cyber risk check gives you an overview of the current situation of cyber security in your company in a very short time. The 27 requirements developed by the consortium are divided into regular and particularly important recommendations for action.

In this way, you can immediately see which measures you should implement first. The result is formulated in an understandable way and contains concrete recommendations and measures on how to deal with current weaknesses.

Our results report, carefully prepared for you, summarizes everything for you:

- Your company's own risk status value in the form of a security score

- Overview of current vulnerabilities

- The prioritized recommendations for action to be implemented and the other measures to be taken to increase your IT security

Info Broschüre DIN SPEC 27076_edited.jpg

Which subject areas are audited?

Organization & awareness

Considers the commitment of the management, as well as the distribution of competencies and sensitization of employees

Regulates access and entry authorizations for physical and virtual premises

Identity & Authorization

IT systems &

Considers the security mechanisms behind the information and communication technology used.

Checks the availability and currency of the hardware and software used.

Patch & Change Management

Protection against malicious programs

Addresses the main gateways for malware.

Describes responsibility, scope, frequency & availability of data and their backups.

data backup

Graue Oberfläche

How does the audit according to
DIN SPEC 27076 work?

Initial consultation

In an initial discussion, we collect basic information about the technology used and your company structures together with you, and explain the audit process to you.

Analysis of your IT landscape

With the 27 test criteria from 6 categories, we work with you to record how your technology is currently configured and how it is used.


In a final report, you will receive an understandable overview of your current security level and recommendations for implementation.

Final presentation

In a final presentation, we show you in detail where there is potential for improvement or where there are even serious security problems. We can clarify open questions together and discuss further details if there are problems with understanding.

Download the project's official information brochure on cyber risk here.

The cyber risk check:

Simply tackle IT security

IT security consulting according to the new DIN SPEC 27076

Image by

Free initial consultation

Do you have any questions or would you like to know how we can make your company more secure?

Write to us and arrange a free and completely non-binding initial consultation with us, in which we will show you what preparations you need to make, how an audit works and what options you have afterwards.

bottom of page