• Why STREAM as an ISMS?
• How STREAM Delivers your ISMS

Solutions

Learn about the different ways STREAM is used

Industries

Find out which industries benefit from using STREAM

Resources

Want to download a datasheet? Go to our resources page

Contact Us

Use our enquiry form to contact us

ISMS - Information Security Management System

Are you looking to establish an Information Security Management System (ISMS), or streamline the maintenance of your existing ISMS?

Perhaps you want to extend your ISMS across a complex organisation or implement an Integrated Management System (IMS) covering multiple control standards and risk types?  

 What is an ISMS?

The ISMS provides the ‘Assurance’ (governance, risk and compliance) framework to identify and appropriately secure organisational information assets from security breaches/incidents of confidentiality, integrity and availability.

Many organisations establish an ISMS to become compliant with ISO 27001, the International Standard for Information Security Management. However, many more are looking simply to:

• Identify their key information assets...the many forms taken by such information and the requirements for protection
• Understand their critical information processing ‘infrastructure’...comprising information systems and networks, internal/external services, physical environments, personnel and third parties
•  Assess the key risks to information and supporting infrastructure...using a simple risk management process and risk assessment scheme which is meaningful to the business
• Identify and deploy relevant controls and Standards that both provide an assurance framework and also help to mitigate the key information security risks. Defined control standards may of course include or be derived from ISO 27001 plus other relevant Standards
• Plan and implement required improvements to controls, to mitigate information security risks
• Provide meaningful risk and controls based reports to meet the needs of senior managers, auditors and other stakeholders.

STREAM delivers all of the ISO 27001 requirements for an Information Security Management System, and provides simple and practical solutions to the more challenging aspects of establishing and maintaining ISMS.

Click here to read how STREAM as an ISMS can fully support all of these aims, by providing an effective ISMS / QMS / IMS for small business scopes or for complex, distributed organisations.

Register for email news

Latest

• Information Security Europe 2010

  Significant interest was expressed in the STREAM suite of products at Information Security 2010. It is clear that comprehensive risk and compliance management is becoming a key requirement for public and private organisations.

• STREAM Seminar - Ljubljana May 2010

  Richard Mayall presented a workshop in Ljubljana, Slovenia on 20 May 2010 on 'A better way to manage all your risks'. The workshop considered how STREAM can automate assurance management systems and support standards compliance.

• Risk appetite for information security

  Risk management best practice says that we need to manage risk in relation to risk appetite. But how do we do this for information security?

What are you looking for?