


Our ISMS / DSMS Portal



Your solution to support your management system
The ISMS / DSMS portal TRIGOsecure developed by Trigonum helps enterprises to operate an integrated data protection and information security management according to the ISO 27701 and thus to lead the data protection as well as the information security into the lived practice. TRIGOsecure is based on the Microsoft SharePoint or Office 365 platform and represents a lean and efficient solution for all business processes through the organised exchange of information within the system. In addition, it takes into account compliance requirements as well as legal data protection requirements according to the ISO standard 27001, the basic data protection regulation (DSVGO) and the basic IT protection developed by the Federal Office for Information Security (BSI). TRIGOsecure is open for the integration of international standards and enables the mapping of individual standards of the own organisation.
Integrated management of data protection and information security with TRIGOsecure
The portal helps you to manage information security and data protection in an integrated manner. The integrated view ensures a high level of transparency and avoids duplication of work. Furthermore, your data protection and information security officer can be relieved. Governance, risk and compliance management can also be implemented sustainably with this tool. TRIGOsecure maps all the necessary building blocks for the implementation of different management systems in your company. This includes functions such as document control and document management including automatic versioning, the management of internal audits as well as supplier audits, a register of information values (assets), risk management, processing descriptions, data protection impact assessment, contract management as well as action management, reporting and a business intelligence solution for the mapping of quality-relevant KPIs as well as project, process and action management for the continuous improvement of the management system.
Our Know-How secures your success



By using the portal, you are opting for a method that has been proven many times in the context of international certifications, through which complex information is stored in a structured manner in a cloud or on local servers. The processes are automated and are offered by us as an add-on solution that uses your Microsoft SharePoint / Microsoft 365. This enables a seamless integration into already existing offline infrastructures.
TRIGOsecure is customizable to your company and takes your individual situation as well as existing requirements into account. We regard your information security and data protection requirements as a holistic project and have therefore created a solution with this modular portal in which all digital requirement profiles for data protection and information security can be configured. With TRIGOsecure it is possible to map all standards and compliance requirements, e.g. ISO 27001, ISO 27701, ISO 20000, BSI, TISAX, DSGVO etc. In the following you will learn more about the individual product modules within the ISMS / DSMS portal.
In order to be able to implement TRIGOsecure at your company in the best possible way, Trigonum has developed processes, guidelines, directives and trainings, which can serve as the basis for the construction of an information security and data protection management system. Thus we supply a procedure and a tool for the structure of the integrated management system. Get already today a non-binding offer from us! Our data protection, information security and SharePoint experts are also available to answer your questions at any time.




The product modules
The central provision of information and documentation relevant for your employees enables the continuous development of the processes documented within the portal and avoids duplication of work. An important sub-function form the document control as well as the document management within individual organizational units. These organizational units can be adapted to any company organization and can thus also be divided into individual countries and in several languages in internationally active companies. Access to the documents is independent of location and is controlled by appropriate release and publication options. Each employee is thus enabled to access the information relevant to him or her and to track important company processes. All objects within the portal are audit-proof thanks to automatic backup processes and archiving. The documents are stored in multiple versions and can thus be traced even in their older versions.
The audits are divided into internal audits, which your data protection officer must carry out regularly, and supplier audits. In both cases, a condition is checked, evaluated and corrected if differences between the actual and target condition have been analyzed.
For the implementation of the audits, the management defines a process description and assigns the responsibilities for planning, execution, documentation and follow-up of the so-called quality audits. This also ensures that a regular review of the functionality and effectiveness of the management system is carried out and that suggestions for improvement are developed and implemented. The audit is then planned, filed and documented at a central location within the portal. The user receives an overview of the current audits and the resulting measures via the central audit dashboard. The written audit results are used to review the planning, implementation and control of measures to optimise the management system with the management.
Your relevant information needs protection. In addition to your hardware and software, the networks and organizational units as well as the company building and personnel, your business processes, personal data or strategic information, prototypes, samples and products are especially important. The need for protection of your data, objects and processes covers all risks of data loss and is assigned to an information value within the portal that takes dependencies into account and inherits them accordingly. If, for example, a document is classified with the protection requirement “high”, the server on which the document is located or the room in which the server is located and the building in which the room is located are also classified with the same value.
In our portal, this protection requirement inheritance is calculated automatically. This way we reduce the complexity for the user. In the portal, the directory of information values (asset register) is versioned, securely digitalised, accessible from anywhere, evaluable through reporting and presented in a filterable form. This creates an awareness of your information values.
As a company, you are legally obliged to draw up a list of your processing activities. This results from Art. 30 of the DSGVO. In our portal, the processing descriptions are archived, organised and filterable, secure, versioned, accessible from anywhere and stored in a way that can be evaluated. This increases transparency and avoids overtime.
The directory records the need for action regarding your processing and identifies the data protection impact assessments (DSFA). It creates transparency for those responsible for processing within your company and increases the ability to provide information to the data subjects or supervisory authorities. Finally, the individual processing descriptions provide information on all personal data collected from you as well as their processing and use. They also provide an insight into who has access to this data, to whom it is transmitted, what legal basis has been used for the storage, processing and transmission of this data, what deletion periods exist and what data protection measures and technical organisational measures (TOMs) are implemented.
Trigonum supports you with the digitalisation of business processes. Nowadays exist in enterprises a huge number of complex business processes side by side, which must be managed consistently. Especially in areas which are not covered by standard ERP systems, media breaks can be avoided by intelligent workflows based on SharePoint or Microsoft 365. By implementing intelligent workflows, working with a large number of documents can be simplified and a functioning collaboration can be created. Lean solutions bring great added value, e.g. when applying for holidays, for projects, investments or the release of documents etc.
As experts for data protection, information security and SharePoint, our team can help you to develop a tailor-made concept for your company and support you in implementing intelligent SharePoint workflows. In addition, our interdisciplinary team can help you to consider data protection and compliance requirements and to develop compliant solutions for your company.
In today’s fast-moving world, it is becoming increasingly important to be aware of existing risks in order to be able to react to them at an early stage and take targeted countermeasures. With our risk management you can approach this issue preventively. With the TRIGOsecure tool developed by us you can plan your risk assessments, create hazard catalogues and document the results of your risk analyses centrally. Also the measures resulting from the risk analyses as well as the risk treatment plan can be documented and a targeted measure management can be operated. In addition, efficient workflows can be implemented, for example for monitoring the measures, and extensive reporting can be carried out.
The Data Protection Impact Assessment (DSFA) examines whether an intended data processing operation meets the legal requirements for legal or technical and organisational preconditions. A risk analysis is also carried out in this context. The processing descriptions are an important basis for the data protection impact assessment.
Art. 35 (1) DSGVO stipulates that companies must carry out a DSFA, for example in the case of data processing involving risks. This is generally the case when a form of processing is used, for example when new technologies are used, which pose a high risk to personal rights and freedoms. The DSFA must be started at the earliest possible stage in the development phase of the processing activities, even if some of the processing operations are not yet known. The continuous updating of the DSFA throughout the life cycle of the project will not only ensure that data protection is given due consideration, but will also stimulate the development of solutions to comply with applicable regulations. With the help of the ISMS / DSMS portal TRIGOsecure the data is archived, organized and filterable, securely stored as well as versioned, accessible from anywhere and evaluable. This creates transparency for the entire DSFA processes.
In addition, TRIGOsecure enables companies on the basis of MS SharePoint / Microsoft 365 an integrated supplier management, through which the relationships with suppliers can be systematically controlled. With the help of TRIGOsecure, all supplier relationships can be managed at a central location. Thus an up-to-date overview of all suppliers including contact information and other relevant information is available at any time. This simplifies and standardizes the supplier management.
In the contract management integrated within the ISMS / DSMS portal, all relevant contracts for information security and data protection are stored centrally. The contract templates and text modules contained in the contract management ensure convenient data entry. They can then be saved with all associated documents and are available for further processing at any time. In addition, they can be linked to other contracts via the management system and can be provided with tasks for compliance with contractual obligations. A flexible authorization and role concept as well as a full-text search and extensive filter functions enable the contract documents to be processed quickly. In addition, approval and release processes are incorporated into the workflow. Contract reporting and controlling is carried out via personalised dashboard views, automatic notification when deadlines expire and individual reports as well as evaluations. This creates transparency in contract management.
Our measure management solution is based on powerful Microsoft technologies that provide a wide range of applications for handling information and documents. Simple operability and transparent documentation of processes enable you to keep an overview of all initiated measures. Within the action management, areas such as document control, audits, risk management and CIP (continuous improvement process) are centrally consolidated and monitored. An automatic reminder and resubmission function enables the implementation on schedule. Furthermore, within our action management solution, complaints and supplier master data as well as data from electronic forms (3D, 8D, inspection report, etc.) are managed. In addition, a workflow is incorporated into the task management system, which starts as soon as a new notification is entered and informs the responsible department for clarifying further actions. With the help of the status query, all tasks and their further processing within the task management can be tracked.
The integrated reporting and business intelligence (BI) within the ISMS / DSMS portal allows a transparent overview of the information collected. Complex data is made available here in the form of dashboards and reports for retrieval or can be requested via a subscription by e-mail as Excel or PDF export. The reports are available in different languages and provide a complete overview of large amounts of information. The added value lies in the preparation and filter functions within the portal, which can be adapted to the usage behaviour of your employees. Relevant information is merged, clearly displayed in diagrams or tables or can be hidden by filter functions, so that the dashboards ultimately differ according to the employees’ area of responsibility. Information from different areas of the company can be processed together in the reports. Finally, the information can be evaluated or estimated using key figures. These are closely linked to reporting. While the report supplies the actual values from the system, key figures put these in relation to the target values.
The organization of your project management can also be integrated into the ISMS / DSMS portal. We support you in the creation of project management methods as well as the development of efficient project and multi-project organizations and the creation of project management manuals. By participating in committees of the Project Management Institute (PMI)® we ensure that our methods and tools take into account the current trends in project management. The tools include processes such as project application and prioritization, project planning, project control as well as project modification and project closure. In addition, forms and documents for project management can be created via the portal and project procedure models can be developed. Finally, this tool allows the project to be handled and personalized in clearly defined structures and processes. This enables targeted and open communication within the project and transparent cross-departmental cooperation. Effort and costs are also presented transparently.
Our ISMS / DSMS portal TRIGOsecure also enables you to use efficient process management in order to successfully operate organization and process optimization. In order to be able to react flexibly to the increasing requirements of the market and the customers, it becomes more and more important to ensure flexibility as well as a continuous optimization of the business processes. Company processes and structures must be constantly developed further and the use of information technologies must be continuously optimized. Successful business process management can both increase customer satisfaction and improve productivity. In order to be able to optimize your processes as efficiently and lastingly as possible, the process management is aligned individually to your needs and your requirements are analyzed in co-operation with Trigonum. By a continuous measurement and improvement of the business processes the process performances can be increased continuously. With TRIGOsecure you can keep an eye on the processes relevant for your company at any time and check and optimise them continuously for their performance to make your company even more efficient.



Our ISMS / DSMS Portal



Your solution to support your management system
The ISMS / DSMS portal TRIGOsecure developed by Trigonum helps enterprises to operate an integrated data protection and information security management according to the ISO 27701 and thus to lead the data protection as well as the information security into the lived practice. TRIGOsecure is based on the Microsoft SharePoint or Office 365 platform and represents a lean and efficient solution for all business processes through the organised exchange of information within the system. In addition, it takes into account compliance requirements as well as legal data protection requirements according to the ISO standard 27001, the basic data protection regulation (DSVGO) and the basic IT protection developed by the Federal Office for Information Security (BSI). TRIGOsecure is open for the integration of international standards and enables the mapping of individual standards of the own organisation.
Integrated management of data protection and information security with TRIGOsecure
The portal helps you to manage information security and data protection in an integrated manner. The integrated view ensures a high level of transparency and avoids duplication of work. Furthermore, your data protection and information security officer can be relieved. Governance, risk and compliance management can also be implemented sustainably with this tool. TRIGOsecure maps all the necessary building blocks for the implementation of different management systems in your company. This includes functions such as document control and document management including automatic versioning, the management of internal audits as well as supplier audits, a register of information values (assets), risk management, processing descriptions, data protection impact assessment, contract management as well as action management, reporting and a business intelligence solution for the mapping of quality-relevant KPIs as well as project, process and action management for the continuous improvement of the management system.



Our Know-How secures your success
By using the portal, you are opting for a method that has been proven many times in the context of international certifications, through which complex information is stored in a structured manner in a cloud or on local servers. The processes are automated and are offered by us as an add-on solution that uses your Microsoft SharePoint / Microsoft 365. This enables a seamless integration into already existing offline infrastructures.
TRIGOsecure is customizable to your company and takes your individual situation as well as existing requirements into account. We regard your information security and data protection requirements as a holistic project and have therefore created a solution with this modular portal in which all digital requirement profiles for data protection and information security can be configured. With TRIGOsecure it is possible to map all standards and compliance requirements, e.g. ISO 27001, ISO 27701, ISO 20000, BSI, TISAX, DSGVO etc. In the following you will learn more about the individual product modules within the ISMS / DSMS portal.
In order to be able to implement TRIGOsecure at your company in the best possible way, Trigonum has developed processes, guidelines, directives and trainings, which can serve as the basis for the construction of an information security and data protection management system. Thus we supply a procedure and a tool for the structure of the integrated management system. Get already today a non-binding offer from us! Our data protection, information security and SharePoint experts are also available to answer your questions at any time.




The product modules
The central provision of information and documentation relevant for your employees enables the continuous development of the processes documented within the portal and avoids duplication of work. An important sub-function form the document control as well as the document management within individual organizational units. These organizational units can be adapted to any company organization and can thus also be divided into individual countries and in several languages in internationally active companies. Access to the documents is independent of location and is controlled by appropriate release and publication options. Each employee is thus enabled to access the information relevant to him or her and to track important company processes. All objects within the portal are audit-proof thanks to automatic backup processes and archiving. The documents are stored in multiple versions and can thus be traced even in their older versions.
The audits are divided into internal audits, which your data protection officer must carry out regularly, and supplier audits. In both cases, a condition is checked, evaluated and corrected if differences between the actual and target condition have been analyzed.
For the implementation of the audits, the management defines a process description and assigns the responsibilities for planning, execution, documentation and follow-up of the so-called quality audits. This also ensures that a regular review of the functionality and effectiveness of the management system is carried out and that suggestions for improvement are developed and implemented. The audit is then planned, filed and documented at a central location within the portal. The user receives an overview of the current audits and the resulting measures via the central audit dashboard. The written audit results are used to review the planning, implementation and control of measures to optimise the management system with the management.
Your relevant information needs protection. In addition to your hardware and software, the networks and organizational units as well as the company building and personnel, your business processes, personal data or strategic information, prototypes, samples and products are especially important. The need for protection of your data, objects and processes covers all risks of data loss and is assigned to an information value within the portal that takes dependencies into account and inherits them accordingly. If, for example, a document is classified with the protection requirement “high”, the server on which the document is located or the room in which the server is located and the building in which the room is located are also classified with the same value.
In our portal, this protection requirement inheritance is calculated automatically. This way we reduce the complexity for the user. In the portal, the directory of information values (asset register) is versioned, securely digitalised, accessible from anywhere, evaluable through reporting and presented in a filterable form. This creates an awareness of your information values.
As a company, you are legally obliged to draw up a list of your processing activities. This results from Art. 30 of the DSGVO. In our portal, the processing descriptions are archived, organised and filterable, secure, versioned, accessible from anywhere and stored in a way that can be evaluated. This increases transparency and avoids overtime.
The directory records the need for action regarding your processing and identifies the data protection impact assessments (DSFA). It creates transparency for those responsible for processing within your company and increases the ability to provide information to the data subjects or supervisory authorities. Finally, the individual processing descriptions provide information on all personal data collected from you as well as their processing and use. They also provide an insight into who has access to this data, to whom it is transmitted, what legal basis has been used for the storage, processing and transmission of this data, what deletion periods exist and what data protection measures and technical organisational measures (TOMs) are implemented.
Trigonum supports you with the digitalisation of business processes. Nowadays exist in enterprises a huge number of complex business processes side by side, which must be managed consistently. Especially in areas which are not covered by standard ERP systems, media breaks can be avoided by intelligent workflows based on SharePoint or Microsoft 365. By implementing intelligent workflows, working with a large number of documents can be simplified and a functioning collaboration can be created. Lean solutions bring great added value, e.g. when applying for holidays, for projects, investments or the release of documents etc.
As experts for data protection, information security and SharePoint, our team can help you to develop a tailor-made concept for your company and support you in implementing intelligent SharePoint workflows. In addition, our interdisciplinary team can help you to consider data protection and compliance requirements and to develop compliant solutions for your company.
In today’s fast-moving world, it is becoming increasingly important to be aware of existing risks in order to be able to react to them at an early stage and take targeted countermeasures. With our risk management you can approach this issue preventively. With the TRIGOsecure tool developed by us you can plan your risk assessments, create hazard catalogues and document the results of your risk analyses centrally. Also the measures resulting from the risk analyses as well as the risk treatment plan can be documented and a targeted measure management can be operated. In addition, efficient workflows can be implemented, for example for monitoring the measures, and extensive reporting can be carried out.
The Data Protection Impact Assessment (DSFA) examines whether an intended data processing operation meets the legal requirements for legal or technical and organisational preconditions. A risk analysis is also carried out in this context. The processing descriptions are an important basis for the data protection impact assessment.
Art. 35 (1) DSGVO stipulates that companies must carry out a DSFA, for example in the case of data processing involving risks. This is generally the case when a form of processing is used, for example when new technologies are used, which pose a high risk to personal rights and freedoms. The DSFA must be started at the earliest possible stage in the development phase of the processing activities, even if some of the processing operations are not yet known. The continuous updating of the DSFA throughout the life cycle of the project will not only ensure that data protection is given due consideration, but will also stimulate the development of solutions to comply with applicable regulations. With the help of the ISMS / DSMS portal TRIGOsecure the data is archived, organized and filterable, securely stored as well as versioned, accessible from anywhere and evaluable. This creates transparency for the entire DSFA processes.
In addition, TRIGOsecure enables companies on the basis of MS SharePoint / Microsoft 365 an integrated supplier management, through which the relationships with suppliers can be systematically controlled. With the help of TRIGOsecure, all supplier relationships can be managed at a central location. Thus an up-to-date overview of all suppliers including contact information and other relevant information is available at any time. This simplifies and standardizes the supplier management.
In the contract management integrated within the ISMS / DSMS portal, all relevant contracts for information security and data protection are stored centrally. The contract templates and text modules contained in the contract management ensure convenient data entry. They can then be saved with all associated documents and are available for further processing at any time. In addition, they can be linked to other contracts via the management system and can be provided with tasks for compliance with contractual obligations. A flexible authorization and role concept as well as a full-text search and extensive filter functions enable the contract documents to be processed quickly. In addition, approval and release processes are incorporated into the workflow. Contract reporting and controlling is carried out via personalised dashboard views, automatic notification when deadlines expire and individual reports as well as evaluations. This creates transparency in contract management.
Our measure management solution is based on powerful Microsoft technologies that provide a wide range of applications for handling information and documents. Simple operability and transparent documentation of processes enable you to keep an overview of all initiated measures. Within the action management, areas such as document control, audits, risk management and CIP (continuous improvement process) are centrally consolidated and monitored. An automatic reminder and resubmission function enables the implementation on schedule. Furthermore, within our action management solution, complaints and supplier master data as well as data from electronic forms (3D, 8D, inspection report, etc.) are managed. In addition, a workflow is incorporated into the task management system, which starts as soon as a new notification is entered and informs the responsible department for clarifying further actions. With the help of the status query, all tasks and their further processing within the task management can be tracked.
The integrated reporting and business intelligence (BI) within the ISMS / DSMS portal allows a transparent overview of the information collected. Complex data is made available here in the form of dashboards and reports for retrieval or can be requested via a subscription by e-mail as Excel or PDF export. The reports are available in different languages and provide a complete overview of large amounts of information. The added value lies in the preparation and filter functions within the portal, which can be adapted to the usage behaviour of your employees. Relevant information is merged, clearly displayed in diagrams or tables or can be hidden by filter functions, so that the dashboards ultimately differ according to the employees’ area of responsibility. Information from different areas of the company can be processed together in the reports. Finally, the information can be evaluated or estimated using key figures. These are closely linked to reporting. While the report supplies the actual values from the system, key figures put these in relation to the target values.
The organization of your project management can also be integrated into the ISMS / DSMS portal. We support you in the creation of project management methods as well as the development of efficient project and multi-project organizations and the creation of project management manuals. By participating in committees of the Project Management Institute (PMI)® we ensure that our methods and tools take into account the current trends in project management. The tools include processes such as project application and prioritization, project planning, project control as well as project modification and project closure. In addition, forms and documents for project management can be created via the portal and project procedure models can be developed. Finally, this tool allows the project to be handled and personalized in clearly defined structures and processes. This enables targeted and open communication within the project and transparent cross-departmental cooperation. Effort and costs are also presented transparently.
Our ISMS / DSMS portal TRIGOsecure also enables you to use efficient process management in order to successfully operate organization and process optimization. In order to be able to react flexibly to the increasing requirements of the market and the customers, it becomes more and more important to ensure flexibility as well as a continuous optimization of the business processes. Company processes and structures must be constantly developed further and the use of information technologies must be continuously optimized. Successful business process management can both increase customer satisfaction and improve productivity. In order to be able to optimize your processes as efficiently and lastingly as possible, the process management is aligned individually to your needs and your requirements are analyzed in co-operation with Trigonum. By a continuous measurement and improvement of the business processes the process performances can be increased continuously. With TRIGOsecure you can keep an eye on the processes relevant for your company at any time and check and optimise them continuously for their performance to make your company even more efficient.




Related Services
TRIGOsecure enables companies to manage documents efficiently. The central provision of relevant information and documentation for your employees enables the continuous development of the processes documented within the portal and avoids duplication of work.
With TRIGOsecure you can easily plan your audits and document and file the audit results as well as the resulting measures centrally. In addition, TRIGOsecure enables you to implement an efficient and sustainable action management for the audits. Automated workflows can be set up, reporting can be operated and an evaluation of the KPIs can take place.
Uniform processes, standards, forms and methods are necessary for the successful completion of projects. Uniform project management standards create transparency in the company and are the basis for a common project management understanding. Our project management experts offer methodical consulting of projects and support the project manager and the whole team in the selection and application of suitable methods.
Based on Microsoft SharePoint® technology, the SharePoint® Processing Descriptions App makes it easy to create your directory of processing activities. Notifiable processing activities can be entered quickly and easily using a form. All data relevant to a processing activity directory can be automatically combined and evaluated by saving it to the SharePoint® portal.
In today’s fast-moving world, it is becoming increasingly important to be aware of existing risks in order to be able to react to them at an early stage and take targeted action to counter them. With our risk management tool you can approach this issue preventively. With the tool we have developed, you can, among other things, plan your risk assessments, create hazard catalogues and centrally document the results of your risk analyses and the risk treatment plan.
The Data Protection Impact Assessment (DPIA) examines whether an intended data processing operation meets the legal requirements for legal or technical as well as organisational prerequisites and whether there are risks for the persons concerned. With the help of our ISMS / DSMS – Portal TRIGOsecure the data is archived, organized and filterable, securely stored as well as versioned, accessible from everywhere and evaluable. Through this a transparency for the entire DPIA processes is achieved.
TRIGOsecure enables companies an integrated supplier management, through which the relationships with suppliers can be systematically controlled. With the help of TRIGOsecure contracts and deadlines can be monitored, suppliers can be classified according to protection requirements and linked to information values. This simplifies and standardizes supplier management.
In the contract management integrated within the ISMS / DSMS portal, all relevant contracts for information security and data protection are stored centrally and transparency is created. With the help of TRIGOsecure you can manage your contracts simply, centrally and clearly.
TRIGOsecure enables companies to manage measures efficiently. Simple operability and the transparent documentation of the processes enable you to keep an overview of all measures introduced. The measure management combines all measures and tasks of the management system in one central place.
The integrated reporting and business intelligence (BI) functionality within the ISMS / DSMS portal allows a transparent overview of the information collected. With TRIGOsecure information and data can be evaluated, KPIs can be checked for their achievement of objectives and reports and dashboards can be automated and easily created. Complex data is provided here in the form of dashboards and reports for retrieval or can be requested via a subscription by e-mail as Excel or PDF export.
Our ISMS / DSMS portal TRIGOsecure enables you to use efficient process management to successfully operate organization and process optimization. Our process model for data protection management and information security provides you with practice-proven processes with which a management system can be implemented in a target-oriented way.
The implementation of the project management for the structure of the ISMS and DSMS can be integrated in the ISMS / DSMS portal. Trigonum has developed an agile procedure model which is oriented at international standards (PMI, Prince 2, Scrum) and supports you with the construction of the management system.