In today’s world, many institutions in business and administration are dependent on the proper functioning of IT. Due to this increasing dependency and the growing threat potential, information security is becoming more and more important.
The German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik (BSI)) offers with the IT-Grundschutz, a combination of a methodology for security management with concrete measures recommendations. These recommendations cover not only technical aspects, but also organizational, personnel and structural aspects. In general, BSI IT-Grundschutz provides a recognized approach for developing and reviewing security concepts.
In order to adapt these recommended measures to the respective organization, so-called modules are used to map the structure of the company. These modules contain possible hazards that can affect the object and measures to counteract them.
Implementation in CRISAM®
The BSI GSTOOL is used to create such security concepts and is widely used in Germany in particular. In addition to the official GSTOOL, however, CRISAM® also offers the possibility of establishing IT-Grundschutz in the company, since the structure of CRISAM® is similar to the module principle of IT-Grundschutz.
For this reason, CRISAM® is also listed on the BSI-website as an official alternative to GSTOOL.
The CRISAM® Explorer offers all the necessary modules to map the basic protection topic in its entirety and also offers numerous options for further risk management, such as a monetary valuation. The risk objects are modeled in a fault tree, and the entire IT risk management process can be mapped. Another major advantage is the customizable and meaningful reporting capabilities of CRISAM®.
Key features and benefits
- Includes the latest version of the BSI IT-Grundschutz catalog.
- Contains the CRISAM® GSTOOL Import to transfer existing BSI GSTOOL data into the CRISAM® Risk Management Information System.
- Contains the BSI Compliance Analysis Report to prove the compliance of your ISMS according to BSI IT-Grundschutz.
- Thus optimally supports the preparation and certification according to the recognized BSI IT-Grundschutz certificate.
- The integrated mapping enables an immediate evaluation from CRISAM® ISMS or existing BSI controls.
- Available in German.
Weitere Themen ///
THERE’S A FIRE – HOW WELL PROTECTED IS YOUR DATA?
In light of the recent fire at the cloud operator OHV, we recommend that every company take a close look at the topic of cloud outsourcing, because the consequences can be painful and an investment in information security that is saved at one end can be expensive at the other. It is therefore worth taking a closer look at a few points in good time. You can find out what these are in this article.
News Information Risk Management
THE ISMS AS A SUCCESS FACTOR FOR SECURE OT OPERATIONS
The current events around the COVID crisis or the almost daily new news about "hacked" companies show us all how important the secure operation of (critical) infrastructures is.
News Enterprise Risk Management
HOW TO GET CALMLY THROUGH THE IDW PS 340 N.F. AUDIT
A revised auditing standard was published on January 1, 2021. How do you get calm through the IDW PS 340 n.F. audit with CRISAM®? Take advantage of this opportunity and expand the capabilities of your corporate planning...
Content Release March 2021
Comprehensive innovation in the CRISAM® Knowledge Packs in the area of ISMS, SCADE, KRITIS, B3S, VDA-TISAX and Legal Essentials.
REVIEW OF THE FIRST CRISAM® COMMUNITY TALK
Tuesday, 2/23/2021 was the day. The first CRISAM® Community Talk took place online and the turnout was fantastic. Numerous participants from a wide range of industries took a day to exchange ideas among Risk Management experts.
News Information Risk Management
CRISAM® Process Model
CRISAM® is based on a 6-step process model that provides a holistic view of your risk management.