SERVICES

EXPERT

IT Experts & IT Forensics Office Zimmer & Partner:
Sought-after experts for all questions concerning your IT and EDP security

The experts of the IT Experts & IT Forensics Office Zimmer & Partner are in demand as certified and association-recognized experts for value or assessment reports, factual reports, arbitration reports and insurance reports.

Private expert reports are required, for example, for:

  • Preservation of evidence
  • Damage assessment
  • Determination of costs or value
  • Preparation of legal proceedings
  • Securing claims
  • Advice to support decision-making
  • Support with troubleshooting and remediation measures
  • Support in discussions with suppliers or authorities

Preservation of evidence

Damage assessment

Determination of costs or value

Preparation of legal proceedings

Securing claims

Advice to support decision-making

Support with troubleshooting and remediation measures

Support in discussions with suppliers or authorities

A private expert report only serves as a party submission in court and can be admitted in the proceedings.

In the context of court proceedings, we prepare expert opinions on behalf of the court or as party expert opinions: Both damage and value appraisals are possible.

Court expert reports serve to present technical facts in an understandable way and can be used to support the court.

The experts of the IT Experts & IT Forensics Office Zimmer & Partner at the locations Menden (Sauerland) and Neustadt/Dosse cooperate on the expert level with the investigators of the Federal Criminal Police Office and various state criminal police offices. Our certified expertise is in demand from small and medium-sized businesses, the private sector and government institutions throughout the DACH region. Please feel free to request further information and to gain your trust.

We guarantee: Certification by the German Association of Surveyors and Experts (DGSV) underscores independence and gives you the assurance that expert neutrality is guaranteed.

FORENSICS

Capturing the elusive: With digital forensics, we secure relevant facts and record the facts in a way that can be used in court.

Nothing is as ephemeral as the spoken word and the internet also appears to many as a place where information is meaningless and the door is opened to volatility. We at the IT Experts & IT Forensics Office Zimmer & Partner can help you to secure facts in court.

Digital forensics is used to investigate incidents on systems that can process digital data. The goal is to establish the facts of the case in a way that can be used in court. This forensic form of documentation is particularly useful in cases of hacker attacks, sabotage, data theft, economic crime or similar offences. Our team has very sound knowledge in this area, which is repeatedly requested by courts and investigating authorities and used to provide evidence.

When searching the internet under the keyword forensic investigations, you will find many offering presumptive help. But only a few have such comprehensive know-how as the team at the IT Experts & IT Forensics Office Zimmer & Partner. The development of viruses and trojans is so dynamic that they are sometimes programmed specifically for a certain company in order to blackmail later. Don't be fooled: such attacks not only affect large companies, but especially medium-sized companies which are known for their elementary know-how, and are increasingly becoming the target of pinpoint attacks. From our experience, we can assure you that such malicious attacks can have the capacity to get even well-established companies into serious trouble.

Only through constant qualifications as certified and association-recognized IT forensic experts, cooperation with the relevant authorities such as the criminal police, the judiciary, the Federal Criminal Police Office and the corresponding professional associations, as well as cutting-edge equipment, the experts of the IT Experts & IT Forensics Office Zimmer & Partner are able to succeed time and again. The proverb that standing still means going backwards applies to no other field as intensively as to forensic criminal investigation.

For private or forensic expert opinions, the experts of the IT Experts & IT Forensics Office Zimmer & Partner perform live forensics on site: You can imagine this as the work of a surgeon on an open heart - virtually during operation. Alternatively, post-mortem forensics (comparable to pathology on the deceased) offers the possibility of securing traces and evidence after a successful malicious attack in order to enable conclusions to be drawn about the perpetrator(s). These evidence preservation measures serve to determine the identity of an attacker or perpetrator or to determine the extent of the damage after a system intrusion or "only" to uncover existing vulnerabilities and to eliminate them. The knowledge gained and evidence seized in this way serve as the basis for the preparation of an expert report, which can be used in legal proceedings.

We recommend to book an appointment today for a binding consultation so that a successful attack on your company or institution does not happen in the first place - because this is usually more expensive than any previous analysis.

DATA PROTECTION / AUDIT / MEDIATION

When it becomes personal, the gold standard is the minimum requirement:
we value and protect your personal data - your most precious asset

DATA PROTECTION

Data protection serves to protect personal data. Because data processing is becoming more and more advanced, special care is required here. Due to the worldwide networking via the Internet, the dangers with regard to personal data are increasing. Remember the still valid guiding principle: The Internet never forgets!

The outsourcing of computer data (cloud computing) is something we experts from the IT Experts & IT Forensics Office Zimmer & Partner regard as critical. This is because it is often uncertain where the data is stored (for example somewhere overseas) and who has access to it.

But even if data is not outsourced, this does not automatically mean data security, as it is or can be passed on knowingly or accidentally by the company's own employees.

Many companies shy away from passing on data to competitors or supervisory authorities: Here, it is less the financial interest that plays a role than the presumed loss of reputation due to a terminated employee, which can become a problem.

According to the EU General Data Protection Regulation (EU GDPR) published on 4 May 2016, all associations, self-employed persons, companies, corporations, public authorities and the like that process personal data of EU citizens have to provide evidence of data protection and data security measures since May 2018. The documentation of penetration tests is an important component here.

Thus, the EU GDPR first defines in Art. 5 (1) the obligation to implement appropriate technical and organizational measures to protect data ("integrity and confidentiality") and additionally specifies the measures to be taken in Art. 32. In addition, Art. 25 EU GDPR ("data protection through technical design and through data protection-friendly default settings") sets out principles on how processing must be designed and which default settings are to be made.

Important in this context is Art. 32 (1) EU GDPR. In addition to the pure implementation of technical and organizational measures regarding the availability, confidentiality and integrity of the systems as well as the recovery of data, the effectiveness of the technical and organizational measures taken must now be additionally proven through suitable procedures. This regulation is new and obliges companies, for example, to have a penetration test (stress test) carried out by external companies. From our experience, we know that very few of those affected have this on their radar: We at the IT Experts & IT Forensics Office Zimmer & Partner support you with serious advice and a professionally competent, custom-fit execution.

Important: You need a data protection officer (m/f/d)

According to Article 37 of the EU Data Protection Regulation, all companies in which personal data is processed automatically need a data protection officer. This includes, for example, names, email addresses, account numbers or location data of customers.

There is an exception for small businesses: a company only has to appoint a data protection officer if at least ten employees regularly deal with such data. However, every employee really counts here - even if he or she only processes personal data once a week, for example, or is employed part-time.

Regardless of the number of persons, a company also needs a data protection officer if data is processed for which a data protection impact assessment is necessary. This applies to particularly sensitive data or if there is a high risk for data subjects if the information is misused. This includes, for example, data on ethnic origin, sexual orientation, religious beliefs or personal health. Even if a company sets up a video camera on its premises, these images are considered particularly sensitive.

Talk to us: We at the IT Experts & IT Forensics Office Zimmer & Partner will be happy to advise you.

AUDIT

An audit is used voluntarily to check the data protection suitability of procedures and products and serves to continuously improve security and data protection. Even though this is a voluntary step towards quality assurance, it is of decisive importance in the competitive situation of companies. Because we at the IT Experts & IT Forensics Office Zimmer & Partner know that many companies attach great importance to data protection as part of their personal benchmarking for themselves and their partners.

The objective of the audit is the voluntary review of the suitability of products and processes under data protection law. At the same time, this is intended to achieve a continuous improvement in data protection and data security. The audit promotes self-responsibility through self-monitoring and self-regulation and thus creates an objective sense of security internally to the outside world.

A successful data protection audit ends with an official seal of approval, which may also be used for advertising purposes. With such a seal of approval, companies can prove to their employees, customers and business partners that personal data is handled in compliance with the law and that the topic of data protection is taken seriously in the company.

Should you decide to have an audit, you will find the right experts for competent and professional implementation and support at our IT Experts & IT Forensics Office Zimmer & Partner.

MEDIATION

In contrast to expert opinions, mediation involves the settlement of conflicts with the help of a neutral third party. On the basis of the win-win strategy, taking into account the Havard concept, a solution acceptable to both conflict partners is worked out together. The mediator holds back with the solution or proposals for decisions and merely provides the framework. Mediation is about insight - not about forcing your opinions. There are no losers. Both parties can only win in a constructive discussion.

Particularly in the case of disputes within the company, but also in critical exchanges in the business world with third parties, there are great opportunities in a mediation process. Anyone who has ever had to go before an industrial tribunal because of a dispute of this kind or who has had to face the constraints of the ordinary courts will know that being right and getting right are two different things on the one hand and on the other hand often requires a lot of patience until a final judgement is reached, even if the legal situation is subjectively perceived as clear.

Mediation offers the opportunity to settle disputes in the presence of a neutral third party in such a way that both parties come to a good end without wasting valuable human, financial and above all time resources. If you are interested in a mediation procedure, you will find the right partners for a discreet and trustworthy implementation with us at the IT Expert & IT Forensics Office Zimmer & Partner.