Menu
This is one of 4545 IT projects that we have successfully completed with our customers.How can we support you?
Status quo assessment: Strategic information security and ISMS
Project duration: 5 months
Brief description
The customer would like to review its information security measures and in the future also change its information security management system (ISMS) from basic protection according to BSI 100-2 to basic protection according to BSI 200-2. In order to assess the necessary efforts in detail and to obtain a general overview of the quality of the strategic information security measures, the customer would like to have an as-is analysis of the existing systems and processes carried out from the point of view of information security.
Supplement
In order to achieve the project objective, above all, the currently existing inventory documentation on the processes and systems that have existed up to now and submitted by the customer will be examined and evaluated with regard to quality, up-to-dateness, completeness and appropriateness for use in the context of maintaining, managing, controlling and improving the customer's information security. For this purpose, the client provides its own documentation as well as the results of internal and external audits.
Subject description
The existing ISMS system and a number of documents and protocols were evaluated for this as-is analysis. The detailed list can be found in the project SharePoint. For the evaluation of the prerequisites for the desired upgrade of the existing ISMS from BSI 100-2 to 200-2, the preliminary, newly developed process map of the customer was examined as a mandatory prerequisite for the business process-centred approach in 200-2 in contrast to the application-centred view of 100-2. To assess the completeness, timeliness and quality of the documentation of the existing ISMS, a number of individual documents and protocols were evaluated in addition to the ISMS tool. (Audit reports, action plans, guideline, meeting minutes, etc.). For the development of options and recommendations for action, the feature catalogues of a number of ISMS tools as well as the BSI's instructions for the migration of security concepts for the migration from BSI 100-X to 200-X were examined.
Overview
- Branchen banking
- Fachaufgaben data protection, digitalization, Incident Management, ISO 27001, IT security, performance analysis
- DV-Aufgaben IT consulting
- Systemumgebungen organizational consulting
- Vorgehensmodell agile software development
Project periodProjektzeitraum15.05.2020 - 30.09.2020
Have we sparked your interest?
Contact
PTA GmbH Head Office
Weberstraße 2-4
D-68165 Mannheim
© Copyright 2024 PTA GmbH | All rights reserved | Imprint | Privacy | Legal notice | Values & Code of Conduct
