top of page


Preliminary talk

In a preliminary talk, the situation is clarified and the identification of the person(s) questioning zu This is also followed by an appointment for the detailed personal interview that follows .



We ask you a total of 52 questions on 27 topics based on DIN SPEC 27076. Your answers then give you a value for your security level.



Based on the survey results, we will produce a report on the results “Status report on IT and information security for small and micro-enterprises according to DIN SPEC 27076” within 5 working days, which you will receive as part of a presentation. There are also recommendations for implementation. On this basis, you can tackle the implementation of measures.


Awareness training

You will also receive awareness training from us as part of a 1-hour presentation on information security (remote).

4 steps to 

Diagnosis according to DIN 27076

The tried-and-tested process at a fixed price at a glance

Gerne arbeite ich beim nächsten Projekt wieder mit Herrn Salvador und Team zusammen. Danke und alles Gute!

Andreas Freitag, BMW AG

Mein TISAX® Audit verlief reibungslos und war auf Anhieb erfolgreich, wir konnten unsere Informationssicherheit gemäß TISAX® nachweisen und können damit nun neue Automotive-Kunden gewinnen.

Lücken in unserer Vorbereitung bzw. Prüfung wurden zeitnah geschlossen und Dokumente in hoher Qualität wurden von Opexa geliefert. Das Team um Klaus Höllerer, Klaus Kilvinger und Thomas Salvador kann ich nur empfehlen.

Dr. Samir Kadunic, MAASU GmbH

Bei der Prüfung von Kundenanforderungen im Bereich TISAX® gab es dringenden Beratungsbedarf im Unternehmen. Dank der Hilfe der Opexa Advisory GmbH konnten wir unsere Kundenanforderungen erfüllen und zudem unsere Ziele mit einer deutlichen Kostenersparnis erreichen.

Die Opexa Advisory ist wegen der langjährigen Automotive-Erfahrung, dem Projekt Know-how und ihrer kompetenten, effizienten und unkomplizierten Unterstützung der ideale Partner.

Herbert Schmidt, Dennemeyer & Co. GmbH

What our clients have to say

​Frequently asked questions about DIN SPEC 27076 

What are the concrete benefits of the analysis based on DIN SPEC 27076 in the company?

Do I get a certificate?

No test or certificate is provided by DIN for this standard.

After implementing the measures, we recommend that you publish a notice on your website that your company applies the minimum standards of the standard.

Based on the results, you identify weak points and then gradually optimize existing processes, eg in risk management, business continuity management, incident management and general technical and organizational measures as well as in reporting.

In addition, you recognize gaps and inefficiencies in the organization, you save costs!

The level of security for your personal data in accordance with the GDPR is also improving.

And you protect your business and minimize the likelihood of a cyber attack in the future. 

What effort and what costs can be expected?

The effort on your part is manageable. Count on a total of 5 hours, which includes everything, the preliminary discussion, the survey, the presentation of the results and the awareness measures. The turnaround time on our site is ca. 5 business days. 

We offer the above services exclusively for KKU up to 50 employees at a flat rate of 990 euros plus VAT (remote implementation).

What happens after I have the results in my hands?

Our recommendation for all companies is to follow the suggestions and implement them, be it internally or with an external partner. You have reached a good minimum standard.

As a further step, the goal can be envisaged of a professional information security management system (ISMS) based on the internationally recognized standard_cc781905-5cde-3194-bb3b-136 bad5cf58d_ISO/IEC 27001_cc781905-5cde -3194-bb3b-136bad5cf58d_to be introduced. This is complex, but an ISO/IEC27001 certificate is also internationally recognized and known in the market, a sign not to be underestimated to customers and suppliers as well as the market.

The necessary information security measures are complex, especially for small and micro-enterprises with fewer than 50 employees if demanding standards such as ISO/IEC 27001 or TISAX® are to be used. Unfortunately, these measures are often omitted with disadvantages in information security!

By using the simplified new DIN SPEC 27076:2023-05 to determine the location, a simplified diagnosis can be made for these companies in particular! On this basis, a minimum quality standard in the area of information security can be achieved as part of the implementation and improved protection can take place. This is an advantage for users compared to many other companies. We offer the diagnosis in a package with an awareness measure at a fixed price! 

Our Partners 

Small/Micro Business

More safety with DIN 27076

bottom of page