Frequently Asked Questions (FAQ)

Answers to common questions about our consulting services in information security and management systems.

1. What does “implementation support for management systems” mean at MLYK Consulting?

We provide both strategic and operational support in implementing management systems for Information Security (ISMS), Cybersecurity (CSMS), Artificial Intelligence (AIMS), and Business Continuity (BCMS).

Our approach is hands-on, tailored to your organization, and designed for sustainable integration.

2. Which management systems do you cover in your consulting services?

We guide and support companies in the implementation and optimization of:

ISMS based on ISO/IEC 27001 and TISAX®
CSMS in accordance with ISO/SAE 21434 and UNECE R155
AIMS in line with ISO/IEC 42001
BCMS based on ISO 22301 and the BSI Standard 200-4

3. How do you prepare clients for certification?

We begin with a gap analysis and develop a tailored action plan.

Then we assist in implementation, documentation, internal audits, and targeted preparation for certification assessments.

Our goal: a successful certification – efficiently and reliably.

4. What does “Audits & Compliance” mean in practice?

We support both internal and external audits – for example, in the context of TISAX®, ISO 27001, DORA, KRITIS, or NIS2.

In addition, we help you build an effective compliance management framework and continuously improve your security processes.

5. Do you offer training and awareness programs?

Yes. We provide customized, practical training formats for all levels – from executives to employees.

Our goal: to strengthen security awareness and foster a real cybersecurity culture across your organization.

6. What makes MLYK Consulting different from other providers?

100% success rate since 2017
100+ audits supported (TISAX®, ISO/IEC 27001, etc.)
50% of clients have worked with us for more than 3 years
Genuine partnership approach – transparent, efficient, and outcome-driven

7. How can I schedule an initial consultation?

Simply send us an email at contact@mlyk.com

or use the contact form on our website.

The initial consultation is free of charge and non-binding.

8. What is ISO/IEC 27001 and why is it relevant for my organization?

ISO/IEC 27001 is the globally recognized standard for information security management systems.

It provides a framework to protect sensitive data, manage risk, and implement structured, organization-wide security practices.

It is often a prerequisite in regulated industries and supply chains.

9. What is TISAX®, and how does it differ from ISO/IEC 27001?

TISAX® is based on ISO/IEC 27001 but tailored specifically to the requirements of the automotive industry.

The assessment framework (VDA ISA) includes additional topics such as prototype protection and GDPR compliance.

We support your entire TISAX® journey – from gap analysis to audit success.

10. What does a Cybersecurity Management System (CSMS) under ISO/SAE 21434 include?

A CSMS addresses cybersecurity risks across the entire vehicle lifecycle.

ISO/SAE 21434 defines requirements for cybersecurity in automotive development and is linked to UNECE R155.

We help you implement these requirements efficiently – from concept to audit readiness.

11. What does ISO/IEC 42001 regulate in terms of AI?

ISO/IEC 42001 is the first global standard for managing the trustworthy and ethical use of Artificial Intelligence.

It covers transparency, data ethics, human oversight, and risk control.

We help you embed AI into secure, compliant, and responsible processes – including preparation for future EU regulations such as the AI Act.

12. What are ISO 22301 and the BSI Standard 200-4 used for?

Both standards provide a framework for establishing a Business Continuity Management System (BCMS).

ISO 22301 is internationally recognized, while BSI Standard 200-4 is widely used in German-speaking countries (e.g. for KRITIS, banks, authorities).

We support the introduction of both – individually or in combination with your ISMS.

13. What role does the Business Impact Analysis (BIA) play in BCMS?

The BIA is a core component of business continuity planning.

It identifies which business processes are critical, what dependencies exist, and how quickly recovery must occur.

We conduct structured BIAs with you as a foundation for practical, effective continuity plans.

14. How are your training sessions delivered?

Our trainings are practical, interactive, and tailored to your organization’s needs.

We offer on-site or online formats for employees, specialists, and leadership – with a focus on awareness, responsibility, and hands-on relevance.

15. What does a typical consulting process with you look like?

We usually start with a gap analysis, followed by planning, implementation, internal audits, and audit preparation.

Throughout the process, we focus on transparency, efficiency, and measurable value – working with you as a partner.

16. Do you also work with companies outside the automotive industry?

Yes. While we are highly experienced in the automotive sector, we also advise companies from other industries – including IT service providers, manufacturing, finance, logistics, and public infrastructure.

17. What happens after a successful certification?

We continue supporting you through post-certification activities such as internal audits, continuous improvement, and new compliance requirements (e.g. NIS2, DORA, EU AI Act).

Our goal is to build long-term resilience and internal capability.

Schedule a Free Initial Consultation

Would you like to learn more about our consulting services?

In a free and non-binding initial consultation, we will answer your questions and show you the path to successful certification.

Schedule a Consultation

Page updated

Google Sites

Report abuse