CRISAM ISMS Knowledge Pack

CRISAM® ISMS Knowledge Pack contains the required professional expertise for setting up and maintaining an information security management system (ISMS).

Key features and benefits

  • Contains more than 160 components and 1,850 control objectives for identification and evaluation of IT risks.
  • Based on relevant sources such as ISO/IEC 27002, ITIL version 2 and 3, COBIT, NIST and BSI Grundschutz.
  • Takes into account best practices and recommendations of manufacturers.
  • Takes into account over 10 years experience and extensive expert knowledge of the CRISAM® community.
  • The CRISAM® ISMS Knowledge Pack is updated biannually. 
  • Available in German and English.

Figure 1: Control objective of change management component

Packaged expertise

In each CRISAM® Knowledge Pack the combined expertise of risk management manifests in the form of questions, evaluation guidelines and weightings for internal and external auditors. In order to ensure the identification of new risks and for keeping your CRISAM® IT risk management system state-of-the-art, it has to be adapted regularly with the latest CRISAM® Knowledge Packs.


The relevant reports for your information security management system (ISMS) are already integrated into the CRISAM® Explorer. These are the reports business impact analysis, risk analysis, gap analysis, catalog of measures and implementation.

System requirements

CRISAM® Explorer