Information Security Management System according to ISO/IEC 27001 and BSI standard (IT-Grundschutz)

The ISMS and data protection software QSEC sustainably supports the establishment and operation of an information security management and data protection management system according to the requirements of ISO/IEC 27001, the BSI standard (IT-Grundschutz) and the GDPR.


Marcel Reifenberger, Chief Information Security Officer & CSO CANCOM SE:

“Of course, no tool will fix the problem of missing processes or change organizations on its own. A tool is also not intended for this. Even with QSEC, input and maintenance costs continue to arise, but these are massively relativized by the outcome.
We see another big advantage in the transparency, not only with regard to risks and their effects. QSEC also creates transparency about the structures and dependencies in companies. This is an advantage that should not be underestimated, especially in organizations that have to react quickly to changes in the market or that are growing strongly inorganically.

We have taken a successful path with QSEC and feel that WMC is a cooperative partner on our side!”


The most important 12 advantages of working with the ISMS software QSEC in information security and data protection management:


  • Company-wide implementation of the same methodical procedureaccording to PDC methodology and meaningful reporting for the management on the basis of valid data
  • Establishmentof resource-optimized operational risk management through automatic aggregation and evaluation of information and workflow-supported data collection from specialist departments with reduced effort and expense, and its integration into the evaluation process of ISMS and data protection experts
  • Controllability of ISMS and data protection activities through just-in-time listing of risks including the financial impact
  • Increased user acceptance and low training costs through intuitive workflow process support
  • Maturity levelimprovements on valid comparable and aggregated data. Management decisions based on current and detailed evaluations (reporting) Management decisions based on current and detailed evaluations (reporting)
  • Audit-proof, complete history of all activities and uniform presentation of audit documentation, controls and evidence across standards
  • Verifiability of all compliance activities and thus image enhancement, competitive advantages and liability reduction
  • No unnecessary duplication of data, – the business processes recorded in the ISMS software QSEC are available in all areas and modules of QSEC at any time
  • Controlled investment in (IT) measures through knowledge of the really critical processes and consideration of the profitability of measures in relation to the amount of damage
  • Reduce duplicate work and expenditures in action management by identifying and dealing with them.
  • Daily updated status in ISMS and data protection management, thus reducing internal and external resources and costs for audits
  • Exploitation of synergy potentials by combining data protection and information security management

ISMS-Software QSEC – Advantages and benefits



  • Complete:
    All necessary modules for information security and data protection management are completely included in the basic version and are mapped in an integrated way.
  • Multi-Norm/Standard-Compliance:
    Multi-Norm/Standard-Compliance in QSEC allows you to work according to the requirements of various other internal and external standards
  • IMS and ICS functionality:
    If desired, QSEC can be extended to a holistic integrated management system (IMS) and/or internal control system (ICS) according to various industry and company specific standards and specifications.
  • Content:
    All content in the form of methodology, including all best practices and sample documents are part of the QSEC standard.
  • Multi-client capable, multilingual with extensive customizing functions:
    The ISMS tool QSEC can also be used internationally throughout the group and has extensive customizing options in the standard version for individual specifications, even for far-reaching customer requirements.
  • Quick implementation and exact planning of the total costs:
    In addition to license costs and software maintenance, the introduction of QSEC is possible quickly due to the high standardization in relation to a basic introduction and can be planned exactly in terms of costs.
  • Long-standing established product with permanent further development:
    With QSEC WMC looks back on more than 12 years of experience in software development and implementation
  • „IT-Security made in Germany“
    QSEC complies with the requirements of the trust marks “IT-Security made in Germany” and “IT-Security made in Europe” which is today managed by TeleTrusT Bundesverband IT-Sicherheit e.V. The criteria are: TeleTrusT