+ISMS.1.A9 Integrating Information Security into Organisation-Wide Procedures and Processes [Top Management] (B)

1. Overview

ISMS.1.A9 Integrating Information Security into Organisation-Wide Procedures and Processes [Top Management] (B)

Information security MUST be integrated into all business processes and specialised tasks. In
so doing, it MUST be ensured that all necessary security aspects are not only taken into
account in new processes and projects, but also in ongoing activities. The Chief Information
Security Officer MUST be adequately involved in making security-relevant decisions.
Moreover, information security SHOULD be coordinated with other areas of an organisation
that deal with security and risk management.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

ITGC -
Bundesamt für Sicherheiter in der Informationstechnik - IT-Grundschutzkompendium Stand 2022