What is CISIS12®?

Further development of the previous versions ISIS12 1.9 and ISIS12 2.0. CISIS12®-focuses on Riskmanagement:

  • Compliance and related processes
  • Structured structure: Standard, catalog of measures, audit scheme
  • References to relevant standards and catalogues oft measures from BSI-IT-Grundschutz and ISO/IEC 27001
  • Integration possibilities of industry-specific standards and catalogues, such as TISAX, B3S-KRITIS
  • Supplemented by: Manual, training concept
  • Software with project management, DSGVO module, document control

Renaming from ISIS12 to CISIS12®

Launch of ISIS12 V3 => new name CISIS12 (Compliance InformationsSIcherheitsmanagementSystem in 12 steps)

Reasons for the renaming

– Stronger addressing to the management level

– The topic of compliance is therefore is being brought more to the foreground

– For marketing reasons


We strongly recommend the use of a supporting software for CISIS12®. We have therefore contracted with various software manufacturers for the use of ISIS12/CISIS12®. You can currently find these under the Software section of the ISIS12 website.

The following information on the individual solutions comes from the self-descriptions of the providers. We endeavour to provide a list as complete as possible. However, we can neither express a recommendation nor currently provide information on the specific functions in each case. We therefore ask the consultants to contact the software companies in each case.

CISIS12® in your software solution

Software companies can contact at any time Dr Matthias Kampmann, Matthias.Kampmann[ -/ @ -/ ]it-sicherheitscluster.de.

Preliminary information: In order to integrate the CISIS12® catalogues into software or to programme CISIS12® software, a software licence agreement between the software company and the IT security cluster is required. Without this, CISIS12® information and processes may not be used in software.


Audit & Certification

Audit und Certification:

  • by two DAkkS-accredited certifiers
  • Confirms conformity to CISIS12® standard
  • Minimizes the liability risks of an organization
  • Can lead to audit in approx. 12 months
  • provides the best prerequisites for further development in the direction of ISO 27001