An “act of God” can damage hard drives and IT systems, even block access to servers. But what happens when, after an update, applications don’t work or data has been changed? Is data shielded from viruses, wiretapping, and theft? An ISMS can prevent exactly these kinds of catastrophes. Deployed properly, the system prevents problems from occurring, simultaneously slashing costs. Employees deliver better work; trust flourishes. The IT landscape and organizational processes are improved upon, and even existing structures benefit from the synergies generated from ISMS integration. Like many other processes, information security management systems are dictated by international standards: ISO 27001, ISO 27002 and ISO 27005. There are also clear management principles that must underpin information security: resources need to be freed up, and employees require training. Security processes have to become an integral part of company practice. The ISO standard stipulates that these processes are based on the PDCA model – or planning, doing, checking and acting (such as making adjustments or improvements). The course for ISMS officers offered by the TQU Akademie covers two modules, with an additional one training participants to become ISMS auditors. Companies looking to use ISMS in their management system will benefit from TQU Akademie’s special training session on integration.