An information security management system (ISMS) aims to identify IT risks as well as information security risks for an organization, analyze them and make them controllable through appropriate measures. There are various approaches to implementing information security. Materna advises and supports both ISO 27001 and IT-Grundschutz and CISIS12. For all approaches, we support the topics of maturity level determination, ISMS security documentation, internal ISMS audits and ISMS certification support.
In addition, we advise on the introduction of management systems for Governance Risk and Compliance (HiScout modules IT-Grundschutz and data protection). Many organizations are unsure about the maturity level of their information security, would like to increase the information security level or need an internationally valid information security management system, e.g. to meet compliance requirements. We support organizations in the environment of an ISMS with three objectives: Introduction, migration and transition.