Development of a “Security Operation Center” (SOC) operational model. For this purpose the requirements of all stakeholders were collected, evaluated and processed in several resulting documents: The developed role profiles were used to find suitable employees, the division into activities to be performed by the organization itself and activities to be performed by external parties served as a basis for the Managed Security Service Provider (MSSP) tender, and with the help of the identified risks and use cases the benefits of a SOC could be demonstrated to the management level.