Information Security Medium-sized Businesses – ISIS12

ISIS12 was developed for implementation in small and medium-sized enterprises (SMEs) as a model for the introduction of an information security management system (ISMS). The basis are measures in accordance with the contents of ISO 27001 and IT basic protection, which are represented in 12 steps.

The introduction of an ISMS according to ISO 27001 is a complex task, which often leads to difficulties related to the introduction and implementation, especially for SMEs, because in many cases

  • personnel is limited,
  • the necessary expertise is missing, and
  • IT departments are often overloaded.

Here, the introduction of an ISMS according to ISIS12 can be useful. In addition, it is also possible to integrate data protection management into ISIS12 when proceeding according to ISIS12.

In the ISMS software QSEC, in addition to the procedure according to ISO 27001 and IT-Grundschutz, the procedure according to ISIS 12 with integration of the data protection requirements according to GDPR is also available.

Methodically and user-guided with comprehensive content, QSEC also offers maximum support in information security management for SMEs.

The version QSEC Easy Express offers an alternative to the procedure according to ISIS12, the complete procedure according to the requirements of ISO 27001 and is cost-effectively designed for the needs of small and medium-sized companies.

We would be pleased to explain you the possibilities and advantages of using QSEC for ISMS and data protection in SMEs.


QSEC norms and standards


QSEC Online-Demo