ISMS@ARTEMEON
ISMS & Information Risk Management Software
- Identification and classification of ICT-supported business functions and associated information assets and ICT assets in accordance with DORA Art. 8 Para. 1 and DORA RTS RMF Art. 4 and 5
- Digitization of ICT risk management in accordance with DORA RTS RMF Art. 15 - 17
- System-based protection needs assessments and security concepts, ICT risk management in accordance with DORA Articles 5 to 16
- Identification of the requirements for an asset based on the protection requirements for confidentiality, integrity and availability as well as the asset type
- Determination of protection needs, risk analysis, security concept and deviation register in accordance with BSI standards, BAIT and ISO 27005
- Setting up and managing an information network, e.g. with the levels of information clusters, processes, applications, IT components / configuration items, network infrastructure, buildings / rooms, service providers / contracts
- Vererbungslogik der Schutzbedarfe im Informationsverbund, Möglichkeit des Überschreibens von vererbten Schutzbedarfen
- Workflows for determining protection needs, target/actual comparison and security concept
- Deviation inventory and analysis of deviations from IS policy requirements
- Customer-specific design of IS specifications, threats, vulnerabilities with a set of rules for display
ISMS@ARTEMEON digitises information security management system (ISMS) and information risk management.
ISMS@ARTEMEON allows to describe the information network in a structured manner, to map all relevant assets (e.g. business processes, data clusters, applications, hardware, infrastructure, buildings) to determine protection requirements, to inherit these within the information network and to comprehensively manage information risk.
ISMS@ARTEMEON digitizes the management of IS requirements or IS policies, threats, vulnerabilities, the documentation of protection needs and deviations from IS requirements as well as the creation of security concepts and the deviation inventory.
ISMS@ARTEMEON supports essential information security and information risk management processes. This includes protection needs assessment, gap analysis, risk analysis and controls as well as information risk management. Workflows and contents are compliant with requirements such as DORA chapter II, art. 5 - 16 (ICT risk management), EBA Guideline EBA/GL/2019/04, BAIT (KAIT, VAIT, ZAIT), ISO/IEC 27000 series of standards as well as the national standard of the BSI Grundschutz.
ISMS@ARTEMEON is used by our financial services clients to efficiently and effectively implement a regulatory compliant information risk management.