ISMS according to ISO 27001

Comprehensively protected
with BIC Information Security

Information is one of the most valuable assets in any company. That’s why you need to protect it in a complete, proper manner. ISO 27001 outlines a set of rules and policies that every company can use as the foundation for a future-proof information security management system. With BIC Information Security, you can quickly build an ISMS that conforms to leading standards – without the need for complex Excel applications.

Companies from all over the world trust us

Bank on state-of-the-art technology to map your ISMS in line with ISO 27001

Save valuable time with BIC Information Security, the #1 ISMS software and enjoy the benefits of a professional, automated ISMS tool. The software based on ISO 27001 offers role-based permissions and uniform, standard-compliant processes. Reports and dashboards clearly display critical metrics for information security as well as any current areas where action needs to be taken. The automatically generated statement of applicability (SoA) keeps you informed on the current level of maturity of the ISMS.

Standardized. Secure. Smart.

The next step for your information security management: BIC Information Security provides a fast, professional way to digitalize your ISMS processes in line with ISO 27001 in an intuitive ISMS software that raises your information security to the next level.

Interactive dashboards

The central gateway for all users is the dashboard, which presents a comprehensive view of status information as well as metrics on risk analyses, measures, and proofs of effectiveness. Users can access their own to-do lists here as well. The CISO and senior management receive a clear overview of all the information that is of relevance to them, including any recommended actions.

As the central starting point, the dashboard offers all users exactly the information they need according to their defined permission levels. The intuitive navigation of the software solution guides users to the desired reports or tasks that need to be completed. With BIC Information Security, you get a GRC tool that saves a great deal of time in administrating and controlling information security processes.

Predefined reports

Using the comprehensive analytic capabilities in the BIC Information Security software solution, you can create reports that visualize information in a compact, appealing design. The statement of applicability (SOA), for example, presents a complete summary on the appropriateness and maturity of the controls listed in Annex A of ISO 27001 and the respective measures that have been implemented within the company.

These reports can be generated anytime for management reviews as well as internal and external audits at the touch of a button without having to merge information from various Excel spreadsheets or other sources. Since all data from the reports in BIC Information Security is stored in an audit-proof archive, you can easily utilize it to compare individual risks over longer periods of time.

Workflow-driven support for recording risks and measures

Workflows are defined for the entire ISMS to support users throughout the recording process. These workflows are based on an authorization system and define which users can edit which data in which status. This specifies the areas in which the individual users have read or write access as well as what type of create, edit or approve actions they can perform in the ISMS tool.

The workflow clearly defines which permissions each user has. These are granted once and determine the user’s role. This minimizes the risk for accidental or false entries in the system and ensures that users are not overwhelmed with too much information.

Email automation

BIC Information Security automatically sends an email to inform the affected users when a defined event occurs. When the status of an action changes and, therefore, triggers a change in responsibilities, that new person will be informed instantly.

The automatic email notifications in BIC Information Security facilitate day-to-day tasks by eliminating the need to send regular reminders to co-workers about their current list of to do’s. Since the system takes on this task, it also provides transparency on the status of the different tasks that need to be completed.

The DSV Group and GBTEC work really well together. The consulting and reporting departments, in particular, actively exchange ideas and information. For us, it was important to have the possibility to design certain concepts – and in some cases even implement them – on our own. BIC is the perfect software for our needs.

Felix StreibichCorporate-Information-Security-Officer (CISO) / Subject Specialist Information Security, DSV

With BIC Information Security and the ISO Standard 27001 into the future of information security

The security of the assets in your company has top priority and is a prerequisite for long-term business success. Create the basis for a successful, powerful information security management system with BIC Information Security.

Strengthen information security
  • ISO 27001 standard compliant
  • Protection of all corporate assets
  • Automatically generated Statement of Applicability
Save time and resources
  • Immediately applicable
  • No complicated Excel applications
  • Automated ISMS processes
Create value
  • Permanent ability to provide information
  • Predefined reports
  • Workflow-controlled administration

BIC Information Security:
The business side

BIC Information Security was developed based on ISO 27001 and incorporates the vast hands-on experience gained in numerous implementation projects.

ISO 27001 is an internationally recognized standard for information security management. It outlines the requirements to successfully document and implement an ISMS. The goal of an ISMS is to systematically manage information security in order to protect the confidentiality, integrity and availability of information and assets as well as efficiently identify and reduce potential threats. The ISO/IEC 27001 standard is comprised of over 30 documents that support companies throughout an ISMS implementation.

ISO/IEC 27001:2013 is the leading choice for certification among companies that do not require more specific frameworks (e.g., for cloud services, cloud computing, energy sector).

Do you have any questions?

Do you have any questions about our products or services?
Our experts will gladly assist you and look forward to your request. 1 3670876 -0Contact form

Expand your knowledge with our e-learnings on BPM & GRC.