The Process Approach in ISO 27001 – But How?

To effectively manage the ever-growing risks to information security and ensure secure business operations, organizations need a holistic Information Security Management System (ISMS). The revised ISO 27001 standard (2022) offers a simple and flexible approach to strengthening your organization’s resilience - regardless of its structure, size, or industry focus.

At the heart of the ISO 27001 standard are risk management and the process-oriented approach for planning, implementing and controlling necessary information security measures.
Our free whitepaper explains in detail the process-based and risk-driven approaches of ISO/IEC 27001, as well as the DQS audit methodology for an effective ISMS audit.

Leverage the Expertise of Our Standard Specialists
  • Process orientation in ISO 27001 reflects a foundational business mindset. Learn how integrating information security requirements into your core business processes leads to a more effective and efficient security strategy.
  • ISO 27001:2022 defines general requirements for an ISMS, including the necessary processes and their interactions. The process reference model from ISO/IEC TS 27022 enhances this requirements-based perspective by adding a practical, process-oriented viewpoint.
  • For process-based auditing of your ISMS, we’ve mapped the standard’s requirements and the 93 information security controls from Annex A into a graphical process landscape consisting of 18 ISMS processes (4 management processes and 14 operational processes).
  • Get insights into our process-focused audit approach, which not only assesses the conformity of your system but also promotes ongoing improvement.

Take the First Step to Strengthen Information Security in Your Organization

Download our free whitepaper “Process Orientation in ISO/IEC 27001” now as a PDF. Use it as a practical tool and valuable support for your internal audits.
Discover the standard’s core requirements and understand how in-depth knowledge can help you optimize your ISMS processes.

Simply fill in the form to the right and get immediate free access to expert insights and practical tips.

About the authors

Dr. Wolfgang J. Böhmer
Over 30 years of experience in IT and consulting, with a focus on software engineering, databases, networks, information security, and security-by-design across various industries. 15 years in research and academia. DQS Auditor and founding board member of CAST e.V. at TU Darmstadt / Fraunhofer IGD.

Dr. Holger Grieb
Lead Consultant specializing in Management & IT at KSI Consult UG & Co. KG, DQS Auditor, DGQ Examiner, and Lecturer in "International Management Systems" at Hochschule Fresenius.

Markus Jegelka
DQS expert in Information Security Management Systems and experienced auditor for ISO 9001, ISO/IEC 27001, and the IT Security Catalog under §11 Para. 1a/1b of the German Energy Industry Act (EnWG).