ISMS and DSMS as
external service

ISMS with CISIS12®– GCS – Geno Corporate Services GmbH uses otris software for implementation

GCS – Geno Corporate Services is a wholly owned subsidiary of the Genossenschaftsverband Bayern e.V. The company advises more than 200 companies that are close to the cooperative system. Its consulting services include external data protection management and information security management according to CISIS12®. In this area, GCS – Geno Corporate Services GmbH realises an optimal support of its clients through a lot of professional know-how and the use of the special software otris isms.

ISMS and DSMS as an external service

The range of services offered by GCS – Geno Corporate Services GmbH is broad and cross-sectoral. The services include taking over the tasks of the company data protection and information security officer. Clients who commission an external DPO or ISB expect an effective and compliance-compliant handling of sensitive, security-relevant tasks. An additional expectation of all clients is the improvement of efficiency: By awarding the mandate, in-house resources are to be spared or used for the core business.

The goal of an ISMS.
Frank Gundlach works at GCS – Geno Corporate Services GmbH and assists their clients as a consultant as well as an external Information Security Officer (ISB) and Data Protection Officer (DPO). The IT security expert summarises the requirements in the area of information security: “The goal of an ISMS is essentially to improve the information security of a company in a risk-oriented and continuous manner. In doing so, it is of great importance that the ISMS or the goals of the ISMS are oriented towards the organisation’s corporate goals in order to support the fulfilment of these.”

„We are very satisfied with otris - both with the system and with the advice.“

Frank Gundlach
Data Protection and Information Security Specialist, Genossenschaftsverband Bayern e.V.

The way to the goal with CISIS12®
To improve the information security of his customers and clients, Frank Gundlach relies on CISIS12®. The standard is a development of the IT-Sicherheitscluster e. V. and is used in particular by small and medium-sized organisations. “For many SMEs and municipalities, ISO 27001 certification is a major hurdle due to its scope and complexity,” says Frank Gundlach. “CISIS12®, on the other hand, is a low-threshold entry point that can be mastered even with manageable resources.” And companies that want to migrate to ISO 27001 at a later date, for example, have already laid a very good foundation with CISIS12®. GCS – Geno Corporate Services GmbH customers are supported both in the implementation and in the further development and maintenance within the framework of the PDCA cycle.

In use: otris privacy
GCS – Geno Corporate Services GmbH previously used otris privacy as data protection management software. After the extension with the ISMS solution, the company additionally uses the system for the information security management of its clients. Both to prepare the CISIS12 certification process and to maintain the certification status.

“Of central importance for our work is the risk management, reporting and monitoring of otris isms,” explains Frank Gundlach and summarises further advantages: Thanks to the rights management and web-based access, clients can be optimally involved. Furthermore, the flexibility is convincing: all common standards (e.g. CISIS12®, ISO 2700x, BSI IT-Grundschutz) can be mapped individually or in combination. And last but not least, it was an advantage for GCS – Geno Corporate Services GmbH that data (e.g. assets or processes) from the DSMS could be used for the information network in the ISMS.

Very satisfied with support and software.
GCS – Geno Corporate Services GmbH currently supports 20 mandates in the area of data protection and ISMS with the otris privacy SUITE solutions. The introduction of the system into the processes of GCS – Geno Corporate Services GmbH as well as at customer sites is running smoothly. Special adaptations were not necessary, as the solution offers sufficient scope to map the company’s own routines – e.g. for checklists or audit routines. “We are very satisfied with otris – both with the system and with the consulting”, Frank Gundlach describes the cooperation and adds: “The software fits our requirements perfectly and the consulting has an answer to every question”.

About GCS – Geno Corporate Services GmbH
Geno-Corporate Services GmbH or “GCS” for short is a subsidiary of the Genossenschaftsverband Bayern e.V. (Bavarian Cooperative Association) and is traditionally rooted in the Bavarian cooperative system. The clientele of GCS – Geno Corporate Services GmbH consists of around 200 different companies from the sectors of food production, food trade and food analysis, pharmaceutical trade, rural goods trade, travel agency, insurance and real estate services, manufacturing industry as well as social and charitable services and institutions. GCS – Geno Corporate Services GmbH has also established a comprehensive range of services for Volksbanks and Raiffeisenbanks, with which the company supports the local regional banks in meeting the increasingly extensive legal requirements.