IT Security for Everyone — No Matter Where You Start
From your first baseline check to a targeted roadmap — without your data as the price of admission.
Whether you're just getting started or leveling up: The Security Kompass shows you exactly where you stand — and gives you a clear roadmap to sustainably strengthen your organization's IT security. No registration, no contact form.
Basis Check
Start with 25 key questions to establish your security baseline across all standards.
Domain Checks
Dive deep into 11 specialized areas from risk management to access control.
Compliance Dashboard
See your compliance scores against ISO 27001, NIS2, BSI Grundschutz and more.
Analysis & Insights
Radar charts, heatmaps and targeted recommendations for improvement.
Which standards do we assess against?
The Security Kompass maps your answers to established security frameworks.
Available
The gold standard for information security management systems, recognized worldwide.
EU directive for cybersecurity in critical and important sectors — mandatory since 2024.
We're working on
The German federal standard for systematic IT security in organizations.
Practical information security standard specifically designed for SMEs.
12-step compliance model for municipalities and SMEs in the DACH region.
EU regulation for digital operational resilience in the financial sector.
Information security standard for the automotive supply chain.
Quick risk assessment for small and medium-sized enterprises.
Your starting point – tailored to your role
Choose your perspective and discover how Security Kompass supports you.
Value, not a sales pitch – Security Kompass at a glance
Everything available immediately – no registration, no paywall. Registration offers real benefits instead of trying to sell you something.
The complete Security Kompass
- 158 questions across 11 security domains + SME Basis Check
- Multi-framework mapping against 105 controls from ISO 27001 and NIS2
- Instant traffic light assessment (High/Medium/Low)
- Detailed compliance dashboard
- Spider chart across all security domains
- Analysis and recommendations per domain
- Risk cost estimates in EUR based on the FAIR model, personalized by industry and company size
- No hidden costs
Optional with registration: Save progress permanently, continue later and upload evidence documents.
The 11 Security Domains
Each question is mapped to ISO 27001 and NIS2, for a multi-framework mapping against 105 controls in total.
Risk Management & Governance
12 questions
Incident Management
12 questions
Business Continuity
10 questions
Supply Chain Security
10 questions
Network & Infrastructure Security
15 questions
Data Protection & Cryptography
12 questions
Access Control & Identity Management
12 questions
Physical Security
10 questions
HR Security & Awareness
10 questions
Asset Management
10 questions
Compliance & Audit
10 questions
Why Security Kompass
| Feature | Security Kompass (Without Login) | Security Kompass (With Account) | VdS Quick Check | BSI EPIC | CyberRisikoCheck |
|---|---|---|---|---|---|
| Price | 0 € | 0 € | 0 € | 0 € | 490–1,800 € |
| Quick Check (Checkpoints) | 25 | 25 | 29 | 32 | 54 |
| 11 Domains (+133 Checkpoints) | |||||
| Instant Report | |||||
| Multi-Standard Mapping | |||||
| No Registration | |||||
| Compliance Dashboard | |||||
| Company Profile | |||||
| Evidence Upload | |||||
| Expert Support | Optional (consulting package) | Required (paid) | |||
What your report looks like
Instantly understandable, even without an IT background. With a traffic light assessment per domain and multi-framework mapping.
Example: Spider chart across 11 security domains
Create Incident Response Plan
Define a structured incident response process with clear roles, escalation levels and communication paths. Prioritize completion within the next 30 days.
Traffic Light Assessment
Privacy & Methodology
Risk assessment based on FAIR methodology, IBM Cost of Data Breach Report, and DLA Piper GDPR Survey — individualized through your company profile.
GDPR compliant. No data sharing with third parties. Servers in Germany.
Multi-framework mapping: ISO 27001 (93 controls), NIS2 (12).
