CRISAM® BSI and GSTOOL Knowledge Pack The CRISAM® BSI and GSTOOL Knowledge Pack enables the use, evaluation and analysis of the BSI IT Grundschutz catalogues (in German: IT-Grundschutz-Kataloge) for your ISMS. Thanks to CRISAM® GSTOOL Import, existing data can be captured and further used. The BSI IT Grundschutz catalogues are issued by the German Federal Office for Security in Information Technology (BSI) and updated cyclically. Key features and benefits Contains the latest version of the BSI IT Grundschutz catalogues. Contains the CRISAM® GSTOOL Import to take over existing BSI GSTOOL data for the CRISAM® Risk Management Information System. Compliance and Reporting This Knowledge Pack contains the licensed BSI IT Grundschutz catalogues - thus, the compliance with the BSI measures catalogs can be assessed within CRISAM®. Contains the BSI compliance analysis report to demonstrate that your ISMS is in conformity with BSI IT Baseline Protection. As a result, the best possible support for preparing and gaining approved certification according to BSI IT Grundschutz catalogue is provided. The integrated mapping allows an immediate analysis of CRISAM® ISMS controls or existing BSI controls. Available in German. Figure 2: Spider chart in BSI compliance report IT basic protection CRISAM® GSTOOL Import Basic IT protection according to BSI IT Grundschutz includes standard security measures for typical IT systems with normal protection requirements. The measures required for the implementation of the basic IT protection are put together in measures catalogs. Measures necessary for the implementation of the basic protection measures are summarized in a catalog of measures. The measures are organized in layers: "infrastructure", "organisation", "personnel", "hardware / software", "communication" and "emergency preparedness". The detection and assessment of vulnerabilities in IT systems is carried out by means of risk analysis with CRISAM® catalogues. With the CRISAM® GSTOOL Import, data can be taken over from the BSI GSTOOL into the CRISAM® Risk Management Information System. The CRISAM® GSTOOL Import provides the following functions: Simple and precise takeover of existing GSTOOL databases. Direct processing of GS-TOOL export-data (.mdb). Use of the extended functionality of CRISAM® regarding business impact analysis, aggregation of risks, cost-benefit analysis, reporting capabilities and much more. The procedure for the takeover of data is very straightforward: 1. Export data in GSTOOL. 2. Create a CRISAM® project file with CRISAM® GSTOOL Import. Figure 1: Shows degree of compliance of CRISAM controls with BSI measures catalogs simple | precise | value-based | comprehensible calpana business consulting gmbh, Blumauerstraße 43 4020 Linz Austria, +43 (732) 601216 0, July 2014, subject to change without notice. Copyright © calpana business consulting gmbh. www.crisam.net, [email protected] Seite 1/2 CRISAM® BSI und GSTOOL Knowledge Pack 3. Using the CRISAM® project file in CRISAM® Explorer. Modelling The structure of the target objects stays fixed during import. Additionally, the evaluations of the specific modules are displayed in CRISAM®. Alternatively, the structure can be reversed during import. As a result, the modelling corresponds to the standardised CRISAM® display. Figure 3: CRISAM® GSTOOL Import The following data are taken over: Target objects Target object – security needs Target object – supplementary security analysis Target object – notepad Structure of target objects Assignment of modules Implementation of measures Costs of measures System requirements Revision of measures CRISAM® Explorer Measures – responsible staff Measures – notepad Figure 4: Modelling comparison GSTOOL / CRISAM® The following data are not taken over in this CRISAM® Knowledge Pack version: Customised modules and measures Additional customer-specific fields Evaluation of hazards: this risk analysis is no longer necessary as CRISAM® is used. Database users and roles; these have to be set up again when using CRISAM® Enterprise Servers. If needed, please contact your designated CRISAM® support expert. CRISAM® GSTOOL Import Microsoft Access 2010 Runtime 32-Bit or higher Microsoft Access 2010 32-Bit or higher GSTOOL Version 4.8 Export-Database with BSI Metadata up to supplementary delivery 12 Ordering information CRISAM-PK-BSI-1 CRISAM-PK-BSI-5 CRISAM® BSI Knowledge Pack, 1 Named User LTU CRISAM® BSI Knowledge Pack, 5 Named User LTU CRISAM-PK-BSI-10 CRISAM-PK-BSI-U CRISAM® BSI Knowledge Pack, 10 Named User LTU CRISAM® BSI Knowledge Pack, Unlimited Named User LTU simple | precise | value-based | comprehensible calpana business consulting gmbh, Blumauerstraße 43 4020 Linz Austria, +43 (732) 601216 0, July 2014, subject to change without notice. Copyright © calpana business consulting gmbh. www.crisam.net, [email protected] Seite 2/2
© Copyright 2024 ExpyDoc
