ISM tool for large organisations with individual requirements

 

Individual work areas and evaluations

Customise the user interface for specific tasks quickly and easily, and distribute these via a direct link to the persons-in-charge. Define any tabular evaluations of the data and make them available in Excel format or via a link.

Use in highly regulated and critical environments

Versioning, historicization and individual release processes ensure that the change history is fully traceable and audit-proof. The HiScout authorisation system, with comprehensive roles- and rights control, protects your data from unauthorised access.

Client administration with a pre-configured authorisation system

HiScout client management is successfully used in complex organisations with numerous independent sub-units. Individually determine whether the data is to be used generically or only client-based. Clients and authorisations can be administered centrally or de-centrally and can be set up automatically.

A common data pool for ISMS, data protection and emergency management

The HiScout ISMS tool can be set up as an integrated management system with a common database. Use your organisational master data, protection requirement assessments, risk analyses and action planning generically across the  HiScout ISMHiScout Basic ProtectionHiScout Data Protection and HiScout BCM modules.

HiScout technology is upgradeable and future-proof

The HiScout GRC Software is a browser-based multi-user application which does not require any installation on the client-side. 100% of the development and support are carried out in Germany. The data model and user interfaces of the HiScout Platform can be upgraded and expanded at any time without requiring programming skills, in order to reflect new and future requirements.

HiScout GRC News

Newsletter

Exciting news and interesting facts on HiScout products and topics

Sign up for Newsletter
Kalender Icon für HiScout Termine

Important Dates

Important industry events, HiScout webinars and online seminars at a glance

To Overview
Glühbirne Icon für HiScout Magazin

Magazine

HiScout articles, publications and press releases

To the Topics
HiScout Mitarbeiter am Telefon, um über GRC Tools, BCM, ISMS, Grundschutz und Co. zu sprechen
©
Friends Stock – stock.adobe.com

Advising services at eye-level

We are experts in the field of information security! Let us collectively find the best solutions for your organisation.

+49 (30) 33 00 888-0
sales@hiscout.com

Mapping and automation of individual security processes

Data collection using online questionnaires

Data is collected from employees and service providers directly on-site in an automated process and read-into the HiScout database after verification. You can create your own questionnaires with the HiScout Questionnaire add-on.

Automated security processes

Security incidents, risk analysis, protection requirement assessments, and tracking of measures can be supported via automated processes. Internal and external stakeholders are actively notified. You can define your own workflows with the HiScout Business Logic Engine.

Seamless integration in to the existing tool landscape

Incoming and outgoing interfaces of HiScout DataExchange merge data from different systems and ensure high data quality.

Role and process-focused reporting

Integrated live reporting for each work step provides the persons-in-charge with the latest information. You can create your own management reports with HiScout DocGen.

Additional wealth of knowledge thanks to the BSI-Basic Protection-Compendium

The HiScout ISMS tool contains the full functional range of the HiScout Basic Protection module and the current IT Basic-Protection-Compendium of the German Federal Office for Information Technology Security (Bundesamt für Sicherheit in der Informationstechnik or BSI). The basic protection modules are available to you as reference. In risk analysis, you can directly take over the threats and security measures stored in BSI.

ISMS tool for KRITIS

In cooperation with SEPRO Consulting and KIK-S, we have especially put together an offer for energy suppliers having operators of critical infrastructures. Click on ISMS4Energy for more information.

ISMS – Setup and certification of your information security management system in the PDCA cycle

The HiScout ISMS software supports you throughout the entire PDCA cycle. Your Information Security Management System (ISMS) must constantly be adapted to the changing processes within the organisation – including the new technology, newly discovered weak points and new legal conditions. The PDCA cycle, which originates from Quality Management is, according to William Edwards Deming, an established procedure to set up management systems and continuously improve them.

  1. PLAN –Taking stock, defining goals and action planning

    Management system basics
    Store all sets of rules and regulations, the specifications agreed upon contractually and individual industry norms (e.g. SOX, Euro-SOX and BAIT) in one system. Central norms such as ISO 2700X and COBIT are regularly updated. Administer your company’s entire IT security organisation, process descriptions and meetings.

  2. DO – Implementation of the measures

    Master data management and determining protection needs
    Record and maintain your assets such as IT systems, applications, services and external service providers, as well as their logical and technical connections and dependencies. Determine the protection needs of the assets from the perspective of those responsible and have them passed on automatically along the recorded structures.

    Risk analysis and action planning
    Risk analysis can be carried out according to common market standards such as ISO 27005, ISO 31000 or BSI 200-3, and can be adapted to individual needs. Classify the hazards into risk classes by specifying their probability of occurrence and amount of damage. Assign threats to the target objects. Then plan the necessary security measures, including expenses for integrated cost planning.

    Action management
    For generic processes, the implementation of security measures is documented in the central action management via tracking and reporting. Role-based work areas, predefined workflows and automatic notifications, (e.g. for expiring implementation deadlines) help you in ensuring that the processing is reliable and time saving. Get a quick overview on the current status of the management system at any time.

    Handling security incidents
    The control and documentation of security incidents runs in a fully standardised manner with HiScout, and is fully transparent.

  3. CHECK – Success control and monitoring goal-attainment

    External audits and self-assessments
    HiScout maps the entire audit and self-assessment process – from planning content and criteria, to recording the degree of fulfilment and any deviations – up to their treatment through measures. Clear and management-friendly reports of the entire audit process are created at the touch of a button. You can carry out the data collection de-centrally and automatically in HTML or PDF format with the questionnaire function in HiScout Questionnaire.

  4. ACT – Elimination of deficiencies and improvements

    The cycle starts anew
    Thanks to the high level of flexibility and adaptability of HiScout, continuous improvements in your procedures and security processes are quickly stored in HiScout. In contrast to statically implemented tools, you can carry out these changes economically and without programming efforts.

Questionnaire

A clever add-on which saves you lots of time and effort.

Discover Now!

Product Sheet

You will find all the essential information on the HiScout ISM module here.

Request Now!

Synergies

A common software for different management systems – saves time and effort.

Work more efficiently!
No cookies requiring consent are used on the HiScout website. By continuing to browse the site, you agree to the use of other cookies. Website visits are analysed anonymously and in compliance with data protection regulations using the web analysis tool Matomo. Further information can be found in our privacy policy.