Protection Needs Analysis and ISDS Concept

The «IT-Grundschutz» sets out binding minimum organisational, personnel, and technical security requirements in the field of information security. For every IT protection object, at least IT-Grundschutz must be implemented. A simple analysis of protection objects is envisaged. If this protection-needs analysis (Schuban) concludes that a higher level of protection is required, then an Information Security and Data Protection Concept (ISDS concept) must be developed.

Request offer

Selected references on the subject

Methodology for Schuban and ISDS Concept

We are pleased to support you in the preparation of protection-needs analyses (Schuban), to review or coordinate their creation, and to serve as a competence centre for your staff. Typically, we are only involved when, as a result of the Schuban, an Information Security and Data Protection Concept (ISDS concept) becomes necessary.

As the ISDS concept is much more extensive than a Schuban and internal resources are often limited, our clients are happy to draw on the expertise of our information security specialists, who develop the concept using existing documentation and discussions with your experts.

The work is carried out in the following steps:

  1. Study of existing documents
  2. Interviews with subject-matter experts
  3. Creation of the ISDS concept, including risk analysis, in accordance with the applicable federal (BACS security procedures) or cantonal requirements
  4. Provision for professional review by subject-matter experts
  5. Finalisation of the documents and submission for approval/signature

Deliverable

The ISDS concept, together with the risk analysis, is handed over to the client upon completion. The general structure of the ISDS concept is as follows:

  • General
  • Executive Summary
  • List of security-relevant documents
  • Classification according to CyRV (protection-needs analysis)
  • Security-relevant system description
  • Risk analysis
  • Emergency / contingency concept
  • Compliance / verification of protective measures
  • Testing / acceptance of information security functions
  • Decommissioning
  • Confirmations

Your Advantages of Developing an ISDS Concept Together

By commissioning Redguard, you not only benefit from experienced information security specialists but also from a proven methodology for creating ISDS concepts. Together, we complete the concept efficiently, purposefully, and with a reasonable level of effort.

Do you have questions or need support in creating an ISDS concept, or do you want to further improve your cyber setup? We look forward to your contact.