Document Management System (DMS)
Document management and document control play an important role in information security management. A certification according to ISO 27001 is also only possible if a relevant procedure has been established.
Considering the multitude and diversity of documents associated with the ISMS, it must be acknowledged when setting up a document management system (DMS) that these documents are of an internal and external nature and can exist in a variety of forms (paper, text files, tables, as video or audio files).
Furthermore, a methodical approach is important when implementing a document management system to ensure that the responsibilities and processes involved in handling the documents are identified and clearly defined (e.g. for approval, distribution, archiving, updating, versioning, historization).
The GRC / ISMS software QSEC enables the transparent document management of all documents associated with the ISMS according to the listed criteria. In addition, the user can access or store the associated documents in QSEC at any point in the information security management process.
All responsibilities are traceable and every change to a document is recorded and historicized in an audit-proof manner.
Contract management for data protection can also be depicted via the QSEC document management.
If you want to connect an existing document management system in your company with QSEC, this is possible in a similar way.