This is one of 4620 IT projects that we have successfully completed with our customers.

How can we support you?

Weißes Quadrat mit umrandeten Seiten rechts oben

Status quo assessment: Strategic information security and ISMS

Project duration: 5 months

Brief description

The customer would like to review its information security measures and in the future also change its information security management system (ISMS) from basic protection according to BSI 100-2 to basic protection according to BSI 200-2. In order to assess the necessary efforts in detail and to obtain a general overview of the quality of the strategic information security measures, the customer would like to have an as-is analysis of the existing systems and processes carried out from the point of view of information security.

Supplement

In order to achieve the project objective, above all, the currently existing inventory documentation on the processes and systems that have existed up to now and submitted by the customer will be examined and evaluated with regard to quality, up-to-dateness, completeness and appropriateness for use in the context of maintaining, managing, controlling and improving the customer's information security. For this purpose, the client provides its own documentation as well as the results of internal and external audits.

Subject description

The existing ISMS system and a number of documents and protocols were evaluated for this as-is analysis. The detailed list can be found in the project SharePoint. For the evaluation of the prerequisites for the desired upgrade of the existing ISMS from BSI 100-2 to 200-2, the preliminary, newly developed process map of the customer was examined as a mandatory prerequisite for the business process-centred approach in 200-2 in contrast to the application-centred view of 100-2. To assess the completeness, timeliness and quality of the documentation of the existing ISMS, a number of individual documents and protocols were evaluated in addition to the ISMS tool. (Audit reports, action plans, guideline, meeting minutes, etc.). For the development of options and recommendations for action, the feature catalogues of a number of ISMS tools as well as the BSI's instructions for the migration of security concepts for the migration from BSI 100-X to 200-X were examined.

Overview

Project period15.05.2020 - 30.09.2020

Have we sparked your interest?

Jetzt Kontakt aufnehmen

Zum Umgang mit den hier erhobenen Daten informieren wir in unserer Datenschutzerklärung.

Contact now

We provide information on the handling of the data collected here in our privacy policy.

Download file

We provide information on the handling of the data collected here in our privacy policy.