ISMS


An Information Security Management System (ISMS) is the compilation of procedures and rules within an organisation to permanently define, control, monitor, maintain and continuously improve information security.

The basic protection of the Federal Office for Information Security (German BSI) represents a practical concept for the implementation of an ISMS. Together with the so-called basic protection catalogue, it forms the basis for the introduction and maintenance of an ISMS. The basic protection is based on the international standard ISO/IEC 27001 and extends it by practical procedures for implementation.

MORGENSTERN advises on the basis of the basic protection and considers it in every situation. The consultants analyse all IT systems and processes and recommend necessary changes. This can result in a basis for establishing an ISMS and certification.

MORGENSTERN supports you with consultants of different fields and by carrying out training courses. Together with you, MORGENSTERN will find an appropriate model for an ISMS. Depending on the industry and company size, the basic protection according to the German Federal Office for Information Security (German BSI), ISO 27001, ISIS12 or an individual approach can be appropriate.