Tool Overview:
isms
Overview
Based: United Kingdom
Contact: https://www.isms.online/contact/
About ISMS
ISMS.online is a software platform for managing information security compliance across multiple frameworks and standards. The platform serves as a centralized repository for security controls, compliance documentation, and risk management. Created by information security experts, it supports over 100 compliance frameworks including ISO 27001, ISO 27701, NIST CSF, NIST 800-53, SOC 2, and HIPAA.
What does ISMS do?
The platform functions as a single source of truth for compliance management, eliminating the need for spreadsheet-based tracking. Through its interface, users can assess security controls, identify compliance gaps, and monitor the effectiveness of their information security management systems. The software includes capabilities for threat intelligence gathering, which can be automatically populated via RSS feeds and emails.
A key feature is the platform's integration system, which connects with over 5,000 external platforms to streamline process management and evidence collection. This allows organizations to connect their existing security and business tools, reducing manual documentation tasks. The platform provides tools for vendor risk assessment and supply chain management, enabling organizations to evaluate supplier security postures and manage related contracts.
What makes ISMS different?
The platform takes a foundation-based approach to compliance, using ISO 27001 as the base framework upon which additional compliance requirements can be layered. This architecture allows organizations to manage multiple compliance frameworks within a single system while minimizing redundant work. For organizations pursuing TISAX certification, the platform provides pre-configured tools and frameworks accessible immediately upon login.
ISMS.online includes a public API that enables development teams to integrate the platform with existing security incident management systems and other tools. The API supports multiple programming languages including Python, JavaScript, and Ruby, with documentation providing working code snippets for quick implementation.
Use cases and industries
The platform caters to organizations across various sectors including healthcare, legal, retail, and public sector entities. Healthcare organizations use it to manage HIPAA compliance and protect electronic protected health information. Legal firms employ the platform to secure client data and manage supply chain risks. Government agencies utilize it for handling Controlled Unclassified Information (CUI) and meeting NIST SP 800-171 requirements.
For organizations in the automotive industry, the platform provides specific support for TISAX certification, VDA 6.3 compliance, and IATF 16949 standards. The system includes measurement and reporting capabilities that allow users to track supplier data management, monitor staff compliance, and generate real-time insights through management system dashboards.
Organizations can control access to their compliance data through role-based permissions and share relevant information with stakeholders as needed. The platform includes features for managing policy documentation, tracking policy acknowledgments, and monitoring KPIs against management system objectives.
Pricing
Pricing information not available.