ISMS critical infrastructures

schmidtkev, 2020-01-20T16:41:02+01:00
Securing critical infrastructure by establishing an information security management system

ISMS for operators of critical infrastructures

ISMS certification according to ISO 27001 becomes mandatory for KRITIS operators

The legislator obliges the operators of critical infrastructures to adequately secure their IT according to the state of the art and to meet the IT security standards. The IT Security Act passed in 2015 requires operators of critical infrastructures to review security every two years. The Federal Office for Security and Information Technology (BSI) must also be notified by KRITIS operators of all significant incidents in the area of IT security. The basic services that are important for our society are called critical infrastructures (KRITIS).

Basic infrastructures are healthcare facilities such as hospitals, pharmacies or manufacturers of vital medical products. They also include water and energy supply as well as emergency and rescue services, information technology and telecommunications. These are all areas on which people in our society depend for their basic needs. Reliable, secure infrastructures are an important basis for our society with its ever-increasing trend towards technology and digitisation.

The disruption or destruction of critical infrastructures can have serious implications for the health, safety, economic or social well-being of the population or the effective functioning of governments. Industrial production is not possible without electricity. Drinking water is vital for our survival and would be inconceivable without a continuous supply. The banking business would come to a standstill without functioning information and communication technology. Public life would collapse within a very short time.

The structure of an ISMS according to DIN ISO/IEC 27001 provides protection against such attacks. This international standard for ISMS, which is based on a risk-based approach, offers corresponding possibilities and instruments.

Development of an ISMS according to DIN ISO 27001 with our IT security experts

The scope of application of the IT security catalogue extends to network components or subsystems that are controllable and thus directly influence the operation of the network, as well as to network components that are not themselves controllable but indirectly influence network operation, e.g. by providing data, and in this way also serve network control.

Trigonum Consulting has specialized for years in information security management systems. Our IT security consultants have already advised and supported numerous companies in the efficient implementation and successful certification of an ISMS according to the ISO/IEC 27001 standard. Ask us about our reference projects. We would be pleased to arrange a non-binding meeting with you.

Information management system becomes mandatory

The key requirement of the security catalogue to be implemented is the pursuit of a holistic approach. Operators of critical infrastructures fulfil this by introducing an ISMS (information security management system). The Federal Network Agency issues a security law and obliges all operators of critical infrastructures to introduce an information management system in accordance with the ISO/IEC 27001 standard. According to the current draft, operators of critical infrastructures have only one year after the adoption of the regulation to implement it.

An information management system is aimed at the permanent fulfilment of legal requirements and the sustainable limitation of risks. Only by establishing and adhering to an ISMS with the definition of the associated organisational structure and responsibilities can a continuous improvement in information security be achieved.

An ISMS introduced in the company in accordance with DIN ISO 27001 ensures the availability of business processes and offers appropriate protection against incidents that could damage business. Risks are limited sustainably. Intelligent integration with IT service management creates a further building block for the continuous optimisation of IT systems and processes.

Parallel to the introduction of an ISMS, network operators are obliged to appoint an IT security officer as a contact person for the Federal Network Agency. The task of the IT security officer is to coordinate all IT security-related measures. To fulfil these tasks, the IT security officer works closely with the company management, the IT management, the data protection officer and all other departments of information security management. Trigonum Consulting will provide you with an external security officer on request. Our security officers have many years of expertise. They are experts in the field of national and international information security standards and certified ISO 27001 basic protection auditors.

Related Services

ISO 27001 Certification

More and more customers are demanding concrete proof from their suppliers that an efficient information security management system has been established. The German Association of the Automotive Industry (VDA), for example, recommends that its members set up an information security management system in accordance with ISO 27001. Further keywords are Basel II, KonTraG and the Sarbanes-Oxley Act for US-listed companies, as well as the introduction of comparable European guidelines.

TOM Check

Companies that collect, process or use personal data are obliged to take the technical and organisational measures (TOM) necessary to comply with the provisions of the GDPR (DSGVO). Measures from the following areas are to be taken, provided that their expenditure is proportionate to the intended protective purpose.

ISMS

An information security management system (ISMS) regulates the entire information security of a company. It defines procedures, processes and rules to ensure information security and security standards in a company or organization. We support you in the introduction of an ISMS.
