Risks in complex systems cannot be completely excluded. However, the goal is to ensure the highest possible level of security. This is achieved through security concepts with relevant planning, execution and regular audits. Security measures are succesful, only if they provide a defence against expected and unexpected security attacks or if they are able to prevent such attacks. Security systems today cannot be operated properly without well-engineered IT and a suitable infrastructure.