Blockchain Assessment (in Cooperation with CIS GmbH)
Distributed Ledger Technologies (DLT) have shown that they have the potential to revolutionalize the digital world and offer a real added value to organizations and their customers. Practically all industries are currently experimenting with its use in a variety of use cases including financial services such as safekeeping of digital assets, proofs of identity, supply chain management, traceability and more. As use cases move from pilot phase to production, questions arise regarding risks and controls. DLT itself are considered tamper-proof, however, solutions based on technology are subject to risks, just like any other IT implementation.
With an objective assessment of your Blockchain solution you ensure that the technical solution meets the requirements regarding security, transparency and confidentiality of individual data and assets.
We review the application of the Distributed Ledger Technology as needed in terms of its organizational and technical implementation, and take into account the relevant requirements regarding information security and IT Service Management (ISO 27001 and ISO 20000). This increases the transparency of your solution and creates trust among your Blockchain participants and customers
- Continous transparency for the entire network
- Assurance of data integrity
- Prevention of fraud and manipulation
- Reliability and quality of the implementation
- Building of trust
The assessment comprises a standardized check of the Blockchain solution at process level regarding operation, development and further development as well as at technical level regarding business
logic, special hardware and Distributed Ledger Technology.
The assessment certificate is issued if the use of Distributed Ledger Technology is harmless according to ISO 20000 or ISO 27001 respectively. The certificate can then be used as an internationally valid recommendation for the next audit.
ISO 20000, ISO 27001, accompanying processes and procedures (industry-specific processes and methods)
A review of the implementation and maintenance of a management system according to ISO 27001 (ISMS) or ISO 20000-1 (SMS) is not part of this assessment, but is part of certification against these standards.
As a recognized certification body, CIS is specialized in information security, data privacy, IT services, cloud computing, data center as well as business continuity management. The excellent reputation of CIS certificates nationally and internationally as well as among public authorities and customers is regarded as a real competitive advantage and a door opener in business cases worldwide. The reason for this is the high quality of CIS accreditation awarded by the Federal Ministry for Digital and Economic Affairs (BMDW) as well as the proven certification procedure. A CIS certificate will not only provide an organization with an independent review of its process management system, CIS auditors also actively provide their in-depth technical knowledge during the preparations for certification as well as the subsequent audits. The Stage Review and Stage One Audits are important tools, whereas the latter is a mandatory “final rehearsal” prior to the certification audit. Thus organizations are optimally prepared to positively complete certification at the first attempt.