ISO 27001:2013 Basic Data
(required fields are marked with an *)
Enter DQS office here, (e.g. DQS BIT GmbH, DQS GmbH, etc.)
Enter your reference number here, if you are already a DQS customer
EAC, SIC, etc.
Scope of ISMS
Please enter the scope of your information security management system
Please enter the name of your ISMS representative
Contact email address
Factors related to business and organization
Type(s) of business and regulatory requirements
1. Organization works in non-critical business sectors and non-regulated sectors
2. Organization has customers in critical business sectors
3. Organization works in critical business sectors
Process and tasks
1. Standard processes with standard and repetitive tasks; lots of persons doing work under the organization’s control carrying out the same tasks; few products or services
2. Standard but non-repetitive processes, with high number of products or services
3. Complex processes, high number of products and services, many business units included in the scope of certification (ISMS covers highly complex processes or relatively high number or unique activities)
Level of establishment of the MS
1. ISMS is already well established and/or other management systems are in place
2. Some elements of other management systems are implemented, others not
3. No other management system implemented at all, the ISMS is new and not established
IT infrastructure complexity
1. Few or highly standardized IT platforms, servers, operating systems, databases, networks, etc.
2. Several different IT platforms, servers, operating systems, databases, networks
3. Many different IT platforms, servers, operating systems, databases, networks
Dependency on outsourcing and suppliers, including cloud services
1. Little or no dependency on outsourcing or suppliers
2. Some dependency on outsourcing or suppliers, related to some but not all important business activities
3. High dependency on outsourcing or suppliers, large impact on important business activities
Information System development
1. None or a very limited in-house system/application development
2. Some in-house or outsourced system/application development for some important business purposes
3. Extensive in-house or outsourced system/application development for important business purposes
Where the ISMS is controlled and monitored.
Number of employees
Please enter just numbers.
+ add location
Location = A location is independent and can deviate from the central requirements of the ISMS and make its own rules; the location has a local ISMS organization which is subordinate to the central organization.
Satellite = A satellite is not independent and can not deviate from the central specifications of the ISMS, the site has no local ISMS organization and can only be local in the controls A8, A11, A16.
Data Center = A location where a data center is operated without its own employees.
We confirm, that all necessary documents, even if they are indicated as confidential, will be presented to the auditor during the audit. If we cannot agree, we will offer DOS a list of documents which cannot be seen during the audit. If this happens DOS will check, if nevertheless the audit can be performed as planned.
Do you want to reset the form and delete all values?
Your data have been successfully submitted.
DQS BIT GMBH
Die DQS BIT GmbH fokussiert auf die
Impressum & Datenschutz
Branchen Bildung und IT.
DQS BIT GmbH © 2018 all rights reserved