Risk Analyses according to ISO27001 standard are directly executed within the CMDB
The ISMS add-on for i-doit enables you to carry out risk analyses directly in your CMDB. The specifications of the ISO standard 27001 are thereby observed. You integrate security and risk evaluation directly into your IT documentation by making use of this add-on.
The advantage: Changes of the IT landscape are usually entered into the IT documentation very quickly. Therefore, all necessary information is available which allows for an assessment of the current security situation.
Another advantage is the seamless integration into i-doit. You can relate risk analyses directly to the impacted objects. Purchasing, testing and implementing an additional software is not required. The template system, mass editing and reporting are also directly available.
The most interesting part of the ISMS add-on is its ability to connect with other i-doit add-ons. The data from the ISMS can be used by e.g. the Document add-on. There you can generate security relevant documents in Corporate Design of your company which always include current data.
During the installation of your ISMS add-on you import the risk catalogs like the Annex A of ISO 27001 or the IT-Grundschutz catalogs. Afterwards you define Risk Management in your company and adjust the risk catalogs accordingly. The final step triggers the actual Risk Management.
During installation of this add-on approximately 2000 objects are automatically set up in your i-doit installation due to functional-technical reasons. Therefore, you can use this add-on only with a license from 5000 objects and more.