Do you fall under the criteria of critical infrastructures (KRITIS)?

If companies belong to the economic sectors of

  • energy (electricity, gas, mineral oil),
  • water (public water supply, public sewage disposal),
  • food (food industry, food trade),
  • health (medical care, drugs and vaccines, laboratories),
  • information technology and telecommunications,
  • finance and insurance (banks, stock exchanges,
  • insurance companies, financial service providers),
  • and transport and traffic (aviation, maritime shipping, inland shipping, rail transport, road transport, logistics),

they potentially fall under the criteria of critical infrastructure.

Are you KRITIS? What do you need to do?

As a KRITIS-company, you are obliged to regularly check whether you exceed the threshold values of the KRITIS-Regulation. If this is the case, you must implement organizational and technical measures to prevent disruptions to your critical services. In addition, you are required to demonstrate implementation at least every two years by means of appropriate audits.

How can abat support you in the implementation of KRITIS requirements?

To meet most of the requirements, you can, for example, set up an information security management system (ISMS) in accordance with ISO 27001, IT-Grundschutz or the Framework Cybersecurity (NIST). We will be happy to assist you with the introduction of an ISMS or, if you wish, we can advise you only in certain areas, e.g. in carrying out risk analyses, employee training for security awareness or outsourcing checks of your service providers. Industry-specific requirements are taken into account by us. Furthermore, we can support you in the implementation of the IT security catalog for network operators and various B3S.

Why should you choose abat?

To ensure that information security can be advanced in your company and that you are well prepared for certification and auditing processes, offers you consulting services in this area. Our consultants are appointed as ISO 27001 auditors by DEKRA Certification GmbH. Furthermore, we have many years of experience in this area and have the additional test procedure competence according to § 8a BSI law. Regular further training ensures that we are oriented towards the current standards. Our goal is to alert you to dangers in IT or to optimally prepare you for an audit.

How can abat support me in building up competence?

We offer training courses for auditors to obtain the test procedure competence according to § 8a BSIG. Of course, other interested parties can also participate in these training courses.

TISAX® is a registered trademark of the ENX Association. The mention of the TISAX® trademark does not imply any statement by the trademark owner regarding the suitability of the services advertised here. The exclusive responsibility for the content of the website and the services presented here lies with abat.

Our customers in the area protect


ISMS Consultant

For me, abat is: fun, exciting projects - great customers and colleagues packed into a respectful and trusting atmosphere with plenty of room for continuous development!


ISMS Senior Consultant

At abat, I have the freedom to shape my work as I see fit.


ISMS Senior Consultant

For me, abat is synonymous with limitless opportunities and a sustainable corporate culture


ISMS Senior Consultant

I have never worked in such a self-determined and self-reliant way as in this team. Love it.

Our memberships

abat is a member of

Our experts are committed to

Quick Link

You might also be interested in

Information material

on the topic Information security

download PDF now 

Contact our abat protect expert

Free initial consultation to analyze your needs

In the first meeting, you define your initial situation with us, and we clarify initial questions.

This appointment is free of charge and without obligation for you.