The Federal Office for Information Security offers an information catalogue about information security management in accordance with an IT basic protection including a detailed instruction how to implement management systems for the information security and risk analysis.
However, it is also possible to follow the internationally recognized DIN EN ISO/IEC 27001 standards with the best practices coming from the economy and measure proposals from the IT basic protection and to acquire the certification in accordance with the DIN EN ISO/IEC 27001 standards.
qsec® from the WMC company is available for the public authorities to implement and operate an information security management system. Further international standards such as the DIN EN ISO 9001, DIN EN ISO 14001, ISO 20000 norm, EU-DSGVO and many more can be indicated with qsec®. Further options are the guidelines coming from the federal data protection act.