What is meant by ISO 27001?
The term "ISO 27001" refers to an international standard for information security management systems (ISMS). It defines the requirements for establishing, implementing, maintaining, and continually improving a documented ISMS. The primary goal of ISO 27001 is to protect sensitive data and ensure the integrity and availability of information. Companies certified under ISO 27001 demonstrate their commitment to security and the protection of sensitive data.
Typical software functions in the area of "ISO 27001":
- Risk Management: Identification, assessment, and treatment of information security risks according to ISO 27001 requirements.
- Document Management: Management of documentation for policies, procedures, and work instructions required for ISO 27001 compliance.
- Audit Management: Planning, conducting, and following up on internal and external audits to verify compliance with ISO 27001.
- Compliance Tracking: Monitoring compliance with legal, regulatory, and ISO 27001-specific requirements.
- Training Management: Managing and documenting employee training to raise awareness of information security and ISO 27001 requirements.
- Incident Management: Recording, analyzing, and addressing security incidents in accordance with ISO 27001 guidelines.
- Reporting and Analysis: Creating reports to monitor ISMS compliance and performance, as well as identifying opportunities for improvement.
Examples of "ISO 27001" activities:
- Risk Assessment: A company evaluates the risks to its information security assets and takes measures to mitigate those risks.
- Internal Audits: Regularly conducting internal audits to verify the ISMS's compliance with ISO 27001 requirements.
- Employee Training: Conducting training sessions to raise employees' awareness of information security requirements under ISO 27001.
- Documentation of Security Policies: Creating and managing security policies that comply with ISO 27001 standards.
- Handling Security Incidents: A company documents and analyzes security incidents and takes appropriate actions to prevent future occurrences.