Information security management system (ISMS) in R2C_SECURITY

R2C_SECURITY is software for managing information security in your company. In today's world, information, information processing systems and data are exposed to many dangers.

  • Failure of technology,
  • human error,
  • force majeure,
  • cyber attacks,
  • organizational deficiencies

These are all risks for the security of information in companies. Numerous laws (e.g. IT Security Act, EU GDPR), regulations and industry-specific rules and standards (e.g. B3S, IT security catalog) therefore require systems and rules to ensure information security in a company in the long term. Information is now so important that protecting it is a top priority and must be ensured responsibly and continuously.

High information security thanks to ISMS software

A professional information security management system (ISMS) is crucial in order to successfully meet the requirements and challenges of information security in the company and to maintain the protection goals. ISMS software establishes procedures and rules for the permanent management, control, maintenance and continuous improvement of information security. An ISMS is designed in accordance with ISO standards such as ISO 27001 or the specifications of the BSI. Without the support of software-supported ISMS solutions, successful and long-term operation in accordance with regulatory requirements is not possible in the long term.

Services of the information security software solution in R2C_SECURITY

Schleupen GRC's ISMS software provides you with an efficient, open-standard tool for managing your ISMS processes that is tailored to your information security concepts. With our information management system, you can initiate, implement and monitor procedures and measures for information security and carry out continuous checks and improvements. R2C_SECURITY supports you in all phases of the process, from the selection of the relevant standards to the certification-ready organization.

The most important functions of our ISMS solution

  • R2C_SECURITY is a multi-client capable system.
  • The organizational structure can be mapped via the client hierarchy in order to map the scope of the ISMS for the organizational structure
  • The multi-client capability means that any level of organizational structure can be mapped
  • The ISMS software from Schleupen is an open standard system
  • The ISMS software enables you to work in accordance with the requirements of national and international
  • norms and standards, e.g. BSI IT baseline protection compendium, ISO 27001, 27002, 27005, 27019, 27701, B3S, BAIT, VAIT, TGK, NIST
  • Other standards, industry requirements, legal requirements, internal guidelines and company standards can be easily integrated and managed
  • The scope of application, i.e. which standards, specifications and guidelines apply to the ISMS, can be defined individually for the clients
  • Management of business processes and assets of any type, e.g. information, applications, IT systems, infrastructure, buildings, rooms, personnel
  • Mapping of business process and asset hierarchies in any depth
  • Designation of responsibilities, maintenance of descriptions and other detailed information as well as the option to define optional mandatory fields
  • Analysis of the impact of damage for individual business processes and assets on the basis of freely configurable damage scenarios
  • Implementation of protection requirement analyses for the protection objectives of confidentiality, integrity, availability and authenticity, including assets/business processes and automatic inheritance of protection requirements with configurable inheritance direction
  • Consideration of dependencies such as accumulation and distribution effects
  • Further protection objectives and assessment dimensions can be freely defined in the ISMS software and optionally activated
  • Implementation of business impact analyses (BIA)
  • Dashboards, reports and evaluations for monitoring business and time-critical business processes and assets
  • Upload documents via drag & drop
  • Interfaces for data import & export (manual, time-controlled and automatic)
  • Flexible expandability of the ISMS software with customer-specific features (customizing)
  • Recording and documentation of information security risks and classification into freely configurable risk categories
  • Designation of responsibilities using ISMS software
  • Integration of individual threat and vulnerability catalogs to carry out detailed risk analyses
  • risk analyses
  • Implementation of protection target-related risk analyses with automatically inherited impact
  • Extended risk assessment based on individual threat catalogs
  • Individual consideration of risks before and after the implementation of risk-reducing protective measures (gross/net consideration)
  • Definition of risk treatment strategies (e.g. reduction, avoidance)
  • Submission of declarations on the acceptance of residual risks
  • Dashboards, reports and evaluations for monitoring the risk situation
  • Drag & drop for uploading documents
  • Straightforward data import & export (manual, time-controlled and automatic)
  • Flexible expandability with customer-specific properties (customizing)
  • Recording and comprehensive documentation of protective measures, from planning and implementation to appropriateness and effectiveness testing as well as cost recording and scheduling
  • Designation of responsibilities
  • Linking of protective measures with requirements/controls from standards, legal requirements, internal guidelines and company standards as a basis for GAP analyses and audits
  • Sending email notifications to remind you when measures are due
  • Dashboards, reports and evaluations to monitor the degree of compliance
  • Upload documents via drag & drop
  • Interfaces for data import & export (manual, time-controlled and automatic)
  • Flexible expandability with customer-specific properties (customizing)
  • Quick recording and comprehensive documentation of information security incidents in the ISMS software
  • Appointment of incident handlers
  • Assignment of affected business processes and assets as well as risks that have occurred
  • Classification of the impact on the protection goals of confidentiality, integrity, availability and authenticity as well as assessment of criticality and damage incurred
  • Definition of protection and improvement measures

An audit is a quality management tool that examines whether the defined protection objectives have been achieved, the relevant security requirements are met and the company's critical assets are adequately protected. Internal and external audits as well as self-audits can be carried out in Schleupen's ISMS software. Which norms and standards, which sub-areas thereof or which business processes are to be audited can be decided according to the situation.

In addition to the comprehensive options within an audit, our ISMS software can define audit procedures for each audit checkpoint and document random samples and results. In the event of deviations, findings are created, comprehensively described and assigned to a responsible person. Standard evaluations and reports present the audit results in a reliable, transparent and comprehensible manner.

Our ISMS software offers effective management of your information security and is still very user-friendly and intuitively understandable. Benefit now from the numerous advantages of Schleupen's ISMS software:

  • Comprehensive lists and detailed views - Users can customize the columns displayed in a list and their order. In addition, lists have extensive sorting and filtering options that can be saved user-specifically.
  • Simple list export to EXCEL and CSV files - All lists can be exported as Excel or CSV files.
  • Full-text search - The integrated search function enables a full-text search for all transaction data created in the application and displays the search results in the legal context of the logged-in user.
  • Journal entries and change comments - All changes made to the element called up, e.g. to an asset, are automatically journalized. In addition, change comments can be entered in read-only mode. Changes, decisions and resolutions thus remain traceable even years later.
  • Atlases - Atlases contain a hierarchical representation (tree structure) of all elements that have been linked to each other. Atlases can be freely configured and created on a client-specific or cross-client basis.
  • My portfolio - the "My portfolio" overview page provides an overview of

Contact our experts

*: mandatory field