Nourishing – ISMS according to ISO 27001 and B3S for the food industry and food retailing

As an industry whose products and services are essential for the supply of the population in an emergency, the food sector is one of the most critical infrastructures. For KRITIS operators from the food industry and food retailing, the applicable IT security law requires companies to protect their IT infrastructures by:
  • Implementation of IT security minimum standards and
  • Introduction of an ISMS according to ISO 27001
The implementation can follow the BSI-approved B3S standard for the food industry and the B3S standard for food retailing. The goal is to enable companies in the food supply sector to ensure the proper operation of their relevant IT infrastructure on a permanent and sustainable basis. In summary, IT-supported procedures and processes are to be operated in such a way that technical faults and attacks are recognized and can be countered in an appropriate manner. To implement these requirements, the introduction and operation of an information security management system (ISMS), supplemented by a business continuity management system (BCM) for emergency and crisis management, is recommended.

Business continuity management (BCM) has the task of planning and testing, during normal operation, all arrangements for an emergency. BCM is therefore an essential basis for emergency management: when an emergency of a personnel, IT-technical or process-related nature occurs, the BCM planning and documentation can be drawn on. At the same time, BCM is also considered an operational part of crisis management, because in the event of an emergency, the BCM plans are used by crisis management.

QSEC – Data protection and ISMS System for KRITIS operators

The ISMS system QSEC supports operators of critical infrastructures in the food industry and food retailing in implementing the complex requirements.

The QSEC system is an ISMS that works according to the requirements of ISO 27001 and completely implements its specifications. The specifications of the industry-specific standards B3S Food Industry and B3S Food Trade are also supported in QSEC.

An additional advantage of the ISMS system is that the requirements for data protection according to GDPR can also be implemented in QSEC. This combination of information security management and data protection creates significant synergy effects. The entire BCM process can be managed in QSEC via its BCM module.

The workflow, wizard and task support with different user modes for experts and business users enables the user-friendly fulfilment of all requirements.

We would be pleased to show you how QSEC can support you in implementing your information security management system according to the requirements of ISO 27001 and B3S.

