In addition to the traditional forms present in the document kit in Word format, the system also includes forms in Excel format.

These modules, being designed with the intention of recording and analyzing data in relation to the organization’s objectives, have been defined as “management applications”.

These Excel applications allow you to “automate” the analysis of “input” data and obtain “output” results relating to information security levels.

The management applications of the document kit also allow, in relation to each asset class, to exercise statistical control over the security levels through:

  • Determination of an objective security level

  • The recording of data relating to the safety found
  • The return of a safety index (expressed on a scale ranging from 1 to 5)
  • The indication of the extent of the deviation between the goal and the result achieved
  • The description of the “state” of security the organization is in

Thanks to the management applications, all processes are subjected to statistical control which, unlike personal (and sometimes arbitrary) assessments, documents the effective effectiveness of the information security management system in a “quantitative and scientific” form.

Thanks to the graphic dashboards of the management applications, the user of the document kit can have a clear picture of the general performance of the system and the security performance of the various sectors of the organization such as:

  • Control of the context and of the interested parties

  • The control of the roles recognized by the system and the responsibilities attributed to the staff
  • Control of asset security levels
  • Control of the effectiveness of training
  • Monitoring of communication
  • Control of production activities
  • Control of the context and of the interested parties
  • The control of the roles recognized by the system and the responsibilities attributed to the staff
  • Control of asset security levels
  • Control of the effectiveness of training
  • Monitoring of suppliers
  • Identification and traceability of the product / service
  • Monitoring of non-compliant products / services
  • Monitoring of communication
  • Monitoring of safety indices
  • The control of audits and non-conformities