Your browser is outdated

The internet explorer is no longer supported. Please switch browsers for better website experience.

External Chief Information Security Officer

IT compliance and security with an external Chief Information Security Officer (CISO)

Information security is a high priority for all organizations today, but the resources for attaining it are not distributed equally. Small to mid-sized companies, especially, may not be in a position to support full-time IT staff, and when outsourcing may be unaware of the gaps in their service contracts. Even large organizations may not be allocating their IT funds efficiently.

External CISO roles and responsibilities

An external CISO is an attractive alternative for companies of all sizes and sectors. Our information security experts have extensive experience in the field, are well-versed in questions of compliance and bring a fresh perspective to each organization.

From risk analysis and security evaluations to helping establish a robust ISMS, we provide cost-effective, on-demand solutions without the need for costly staff training.

The service is fully customized: an external CISO can be hired for any length of time to achieve specific company targets, bringing robust information security within reach.

Your Benefits

  • Legal compliance and a robust Information Security Management System (ISMS)
  • Expert coordination of all aspects of information security by a neutral party
  • Cost-effective access to experience, expertise and objectivity from a single source
  • Independent risk analyses and security evaluations free from internal influences
  • Quality IT services “on demand” without staff training or new personnel costs
  • Cutting edge solutions, scalable as required

Our Approach

The roles and responsibilities of an external CISO depend on the needs and priorities of our clients.

Chief information security officer roles – DEKRA
CISO roles and responsibilities

Our CISO personnel are prepared to take responsibility for a range of tasks, including:

  • Introducing or optimizing ISMS
  • Establishing processes and structures for maintaining information security
  • Introducing or managing information security guidelines and rules
  • Ensuring compliance with the relevant legal framework
  • Defining a security strategy and identifying security goals
  • Creating and managing an internal team to support security goals
  • Risk assessments and business impact analyses
  • Compiling and managing relevant documents
  • Workshops and training to sensitize employees to security issues


  • We are passionate about information and data security
  • We have world-class expertise in the field of information security
  • We specialize in providing customized information security advice

Have questions? Contact us

Ingo Legler

Ingo Legler

Product Manager & Expert

+49 30 986 0987-123
Andreas Schlöricke

Andreas Schlöricke

Project Management Cyber Security

+49 30 986 0987-126
Share page