Companies that Trust Us
What is ISO/IEC 27019?
ISO 27019 is the information security management standard applied to process control systems (PCS) and used in the energy utility sector to manage the production, generation, storage, or distribution of electricity, gas, oil, or heat and exercise control of associated supporting processes.
It is based on the ISO 27001 and ISO 27002 standards and thus can be easily integrated into a new or existing information security management system such as Compliance Aspekte.
Benefits of ISO 27019 certification for businessGet in touch
- Obtaining the globally recognized certification proves the effectiveness of your security measures and ensures the trust of your stakeholders and partners
- The ISO 27019 certification helps businesses in the energy utility industry to effectively meet and prevent man-made threats such as cyber-attacks caused by hackers, cyber terrorists, insiders, and competitors
- The standards also assist companies in coping with dangers caused by natural disasters, electro-mechanical failures, malware
- ISO 27019 reduces inherited vulnerabilities in processes or systems such as PCS that are vulnerable to various cyber threats because they are connected to the internet and networks.
- Many businesses in the energy utility sector are considered critical infrastructures and thus must comply with specific standards to secure their PCS and provide business continuity in various circumstances.
See our simple, powerful platform in actionBook a demo
How ISO 27019 certification with Compliance Aspekte works
The Standards Compliance Manager supports the information security management guidelines of ISO 27019 based on ISO/IEC 27002 for process control systems specific to the energy utility industry. It covers security compliance assessment, risk management, performance control, and monitoring all in one place.
Before implementing the standard, it is necessary for companies to conduct a risk assessment to see if there are any additional country- and/or company-specific requirements they have to comply with. Our solution allows uploading the specific required regulations and immediately starting working with them.
Further, you can choose the appropriate controls:
- General controls to reduce risks (e.g. controls from ISO 27002)
- Specific controls from ISO 27019
- Additional company-specific controls
Compliance Aspekte is very user-friendly and customization is easy. We can conduct ISO compliance, and data protection…we can make anything we want in one tool. And this is the only tool with which it is possible. It helps us to keep the data consistent and simplify audits. The Compliance Aspekte tool is better than the existing competitors on the market and at the same time cheaper.
One of the features we like best about Compliance Aspekte is its streamlined compliance process. The interface has a clean and structured design, ensuring usability and workflow speed. This not only results in a steep learning curve for new users but also lets experienced users minimize effort. At every stage during the security management lifecycle process, recurring tasks like scoping, structural analysis, modeling, and even tracking risks and controls are supported by a variety of features, e.g. mapping controls with multiple requirements, assigning individual assets to different scopes as well as expanding requirement and control catalogs. On top of that, the performance of the platform is great – it is stable and good in terms of speed efficiency. Having Helga, the compliance assistance bot, is also a very special plus as she can explain terms and provides guidance through the application. We really love and live Compliance Aspekte!
We’ve been staying with Compliance Aspekte for a long time as it is one of the most convenient and flexible compliance tools on the market. With this tool, we can easily create our own assets, and asset types, import risk catalogs, create our own controls, define our own requirements in regard to the assets, pack them into modules, and then automate everything in a flexible way. Among the other decent features that we take advantage of, are user-friendly gap analysis, the possibility to switch from a tree view to grids, and extensive collaboration functionality. Overall Compliance Aspekte significantly reduces the time spent and the risks of mistakes.
Benefits of implementing ISO 27019 with Compliance AspekteGet a non-binding trial
Reliable software with a clear user interface
Holistic approach to creating and maintaining an ISMS according to ISO 27001 and ISO 27019
Regular software updates to the latest versions of the standards
Effective coordination of assets according to your business objectives
Extensive risk management system: adaptable catalog of threats specific to your organization
Implementation of all information security and data protection standards of your organization within a single tool
Easy adaptation of ISO 27001 ISMS to ISO 27019
- Ability to add and review Inventory analysis with controls and requirements;
- Possibility to work with and enhance any threat catalogs, requirements and controls specific to your company;
- Visual distinctions of the added controls (with a tag “Energy”).
Book a demo and get a free 3-monts test
Effective and easy-to-use IT security management system based on the latest standards and regulations — from planning and establishing the security concept to certification.