Nourishing – ISMS according to ISO 27001 and B3S for the food industry and food retailing

As an industry whose products and services are essential for the supply of the population in an emergency, the food sector is one of the most critical infrastructures. For KRITIS operators from the food industry and food retailing, the applicable IT security lawrequires companies to protect their IT infrastructures by

• Implementation of IT security minimum standards and
• Introduction of an ISMS according to ISO 27001

The implementation can be done according to the BSI approved B3S standard for the food industry and the B3S standard for the food retailing. The goal is to enable companies in the food supply sector to ensure the proper operation of their relevant IT infrastructure on a permanent and sustainable basis. In summary, IT-supported procedures and processes are to be operated in such a way that technical faults and attacks are recognized and can be countered in an appropriate manner. To implement these requirements, the introduction and operation of an information security management system (ISMS), supplemented by a business continuity management system (BCM) for emergency and crisis management, is recommended. The Business Continuity Management (BCM) has the task of planning and testing the entire planning for the emergency in normal operation. Thus, BCM is an essential basis for emergency management, because in the event of an emergency of a personnel, IT-technical or process-related nature, the planning and documentation of Business Continuity Management can be accessed. At the same time, BCM is also considered an operational part of crisis management, because in the event of an emergency, the BCM plans are used by crisis management.