Information Security Management Systems (ISMS)
Effective and comprehensible risk management is the basis for the successful commercial development of any enterprise. The protection of sensitive information is the basis for long-term, trustworthy relationships with customers, partners and investors. Information Security Management Systems based on ISO 27001 provide an internationally accepted way to protect important data and business processes.
atsec has successfully designed and implemented numerous ISMS for medium and large companies. Lean processes, intelligible guidelines and meaningful security measures ensure the efficiency of the atsec-developed ISMS. This includes:
- Implementation and maintenance of ISMS based on ISO 27001.
- Development of a central management system that combines various management systems (ISMS, Quality Management System (QMS), Data Protection Management System (DPMS)) for maximum efficiency.
- Support in the selection and deployment of information security measures.
- Support for the integration of further requirements into the ISMS, for example PCI-DSS or SOX/Euro-SOX.
We start an ISMS project with a readiness assessment. An experienced consultant analyses the current state on-site to get a good understanding of your current processes and measures. This provides a rating of your current compliance status. The result of the readiness assessment contains a plan for the implementation of a fully compliant ISMS as well as a sound effort estimate that shows both the expected internal effort and the consulting effort required for the implementation.