Security Level Wizard

Security Level Wizard

The IT security status in the entire company should be transparent and measurable. Security level management (SLM) as a quality assurance system is part of the responsibility of the CSO (Chief Security Officer), CISO (Chief Information Security Officer) or CIO (Chief Information Officer). The implementation carried out in QSEC conforms to IEC 62443.

The goal of SLM is to actively determine the security status to

  • plan,
  • to be adjusted,
  • monitor and
  • improve.

The QSEC Security Level Wizard is designed for the SLM responsible in the company and serves for recommendation and confirmation of security levels. The user is intuitively guided through the different steps in order to ensure an efficient procedure.

The SLM responsible is able to identify the asset groups with high security levels. In the next step these are transferred to the managing director in order to be approved by him via the wizard.

Security-Level Management

QSEC Security Level

QSEC modules

Data-Protection-Management-System-QSECInformation_AssetsCompliance_Management_System
IT-Risk-kachelSecurity Incident ManagementMeasure-Management
Document-ManagementMaster-Data-qsecBusiness_Continuity_Management
Reporting-DashboardInterview-WizardInterview-transfer-Wizard
Compliance-WizardRisk-Assessment-WizardSecurity-Level-Wizard
Measure-Evaluation-WizardUsabilityTask-Manager
AdministrationTechnology

Risk Assessment Wizard

Risk Assessment Wizard

In our GRC tool QSEC®, regular assessments for risk evaluation can be performed. Assessments are internal checks/audits carried out in QSEC.
The risk assessment tool in our QSEC software increases the revision security to external audits (annual financial statement audits, internal revision and certification audits).
It enables the company to identify and minimize potential risks and to document the activities performed in an audit-proof manner.

The assessment cycles defined in the ISMS risk management guideline are defined in QSEC either

  • in the expert module on risk assessment planning or
  • with the help of the Risk Assessment Wizard.

The authorized QSEC user is guided through a guided workflow process with the help of the Risk Assessment Wizard:

  • Introduction with detailed explanations
  • Selection of the scope (business unit, related standards and assets) and
  • Status display of the current risk assessment
  • Definition of responsibilities and
  • Description of the assessment
  • Assessment period
  • Report with the status display

QSEC® Risk Assessment Wizard

After you have selected a scope, information on the current status of the current risk assessment (RA) is displayed. In addition to the start and end date, the POC is displayed based on the open and already evaluated asset groups.
An active risk assessment can only be completed by clicking on the “Complete Risk Assessment” button when the degree of completion is 100%. A new risk assessment can only be started as soon as the ongoing risk assessment (RA) has been completed.

QSEC modules

Data-Protection-Management-System-QSECInformation_AssetsCompliance_Management_System
IT-Risk-kachelSecurity Incident ManagementMeasure-Management
Document-ManagementMaster-Data-qsecBusiness_Continuity_Management
Reporting-DashboardInterview-WizardInterview-transfer-Wizard
Compliance-WizardRisk-Assessment-WizardSecurity-Level-Wizard
Measure-Evaluation-WizardUsabilityTask-Manager
AdministrationTechnology

Measure Evaluation Wizard

Measure-Evaluation-Wizard

The QSEC measure evaluation wizard simplifies the measure assessment with regard to

  • Cost efficiency and
  • Relevance for legal regulations.

The wizard offers a standardized and user-friendly interface that enables every user to carry out the task evaluation quickly and efficiently. The user is intuitively guided through the different steps of the assessment until completion.

 

Measure-Evaluation-Wizard

QSEC modules

Data-Protection-Management-System-QSECInformation_AssetsCompliance_Management_System
IT-Risk-kachelSecurity Incident ManagementMeasure-Management
Document-ManagementMaster-Data-qsecBusiness_Continuity_Management
Reporting-DashboardInterview-WizardInterview-transfer-Wizard
Compliance-WizardRisk-Assessment-WizardSecurity-Level-Wizard
Measure-Evaluation-WizardUsabilityTask-Manager
AdministrationTechnology

Interview Wizard

Interview Wizard

The QSEC Interview Wizard is used to collect the information assets in an interview. The simple process steps and the intuitive guidance through the interview enable systematic collection and processing:

  • Simple, self-explanatory software handling
  • Low training expenses
  • Descriptions and explanation of the processing steps
  • Software guidance without expert knowledge
  • An unintentional leaving of the recording process is not possible
  • Interview start via link
  • Recording or editing of business processes
  • Recording and processing of information objects and evaluation according to predefined protection goals
  • Entry or assignment of asset groups
  • Evaluation of the data protection attributes for each business process and information object (including the mass processing function)
  • Evaluation of the individually set additional attributes (e.g. ICS) for each business process and information object

Due to the process-oriented structure and the explanations of each process step, the Interview Wizard significantly simplifies the performance of interviews.

Interview-Prozess
The QSEC Interview Transfer Wizard is used by experts or interviewers to transfer the information assets collected during the interview. Recorded business processes, information and assets can be edited and double recorded information assets can be removed by drag & drop.

Only after the acceptance of the interviews, the data from the interviews is permanently imported into QSEC.

QSEC® Homepage Interview Wizard

Features (excerpt)

  • Simple, self-explanatory software handling
  • Low training expenses
  • Guided method of taking over the interview data by the expert
  • Automatic transfer of all existing business processes, information and asset groups the assignment and evaluation of the new ones
  • An unintentional leaving of the recording process is not possible
  • Start via link after approval by the interviewed person

QSEC modules

Data-Protection-Management-System-QSECInformation_AssetsCompliance_Management_System
IT-Risk-kachelSecurity Incident ManagementMeasure-Management
Document-ManagementMaster-Data-qsecBusiness_Continuity_Management
Reporting-DashboardInterview-WizardInterview-transfer-Wizard
Compliance-WizardRisk-Assessment-WizardSecurity-Level-Wizard
Measure-Evaluation-WizardUsabilityTask-Manager
AdministrationTechnology

Interview Transfer Wizard

Interview Transfer Wizard

The QSEC Interview Wizard is used to collect the information assets in an interview. The simple process steps and the intuitive guidance through the interview enable systematic collection and processing:

  • Simple, self-explanatory software handling
  • Low training expenses
  • Descriptions and explanation of the processing steps
  • Software guidance without expert knowledge
  • An unintentional leaving of the recording process is not possible
  • Interview start via link
  • Recording or editing of business processes
  • Recording and processing of information objects and evaluation according to predefined protection goals
  • Entry or assignment of asset groups
  • Evaluation of the data protection attributes for each business process and information object (including the mass processing function)
  • Evaluation of the individually set additional attributes (e.g. ICS) for each business process and information object

Due to the process-oriented structure and the explanations of each process step, the Interview Wizard significantly simplifies the performance of interviews.

Interview-Prozess
The QSEC Interview Transfer Wizard is used by experts or interviewers to transfer the information assets collected during the interview. Recorded business processes, information and assets can be edited and double recorded information assets can be removed by drag & drop.

Only after the acceptance of the interviews, the data from the interviews is permanently imported into QSEC.

QSEC® Homepage Interview Wizard

Features (excerpt)

  • Simple, self-explanatory software handling
  • Low training expenses
  • Guided method of taking over the interview data by the expert
  • Automatic transfer of all existing business processes, information and asset groups the assignment and evaluation of the new ones
  • An unintentional leaving of the recording process is not possible
  • Start via link after approval by the interviewed person

QSEC modules

Data-Protection-Management-System-QSECInformation_AssetsCompliance_Management_System
IT-Risk-kachelSecurity Incident ManagementMeasure-Management
Document-ManagementMaster-Data-qsecBusiness_Continuity_Management
Reporting-DashboardInterview-WizardInterview-transfer-Wizard
Compliance-WizardRisk-Assessment-WizardSecurity-Level-Wizard
Measure-Evaluation-WizardUsabilityTask-Manager
AdministrationTechnology