ISMS Add-on (ISO 27001): Frequently asked questions
The ISMS add-on enables ISO 27001 risk management, risk assessments, and security catalog management in i-doit.
Installation
ISMS add-on cannot be installed
Solution: Install the ISMS add-on via the Admin Center:
- Download the current ISMS ZIP from the customer portal
- In the Admin Center under Add-ons > Install/update module, upload the ZIP
- Select the relevant tenant and install
ISMS version not compatible with i-doit update
Update the ISMS add-on to the required minimum version before the i-doit update:
| i-doit version | ISMS minimum version |
|---|---|
| v37 | 1.6.3 |
| v38 | 1.6.4 |
Error "isys_helper_color" not found
Solution: This occurs with outdated ISMS versions. Download and install the current version from the customer portal.
Importing catalogs
The ISMS add-on includes predefined catalogs that need to be imported via CSV after installation.
Path: <i-doit>/src/classes/modules/iso27001/Catalogs/
Available catalogs
| File | Content | Language |
|---|---|---|
ISO27001_2022_Massnahmen_AnhangA_de.csv |
ISO 27001:2022 Controls (Annex A) | German |
ISO27001_2022_Controls_AnnexA_en.csv |
ISO 27001:2022 Controls (Annex A) | English |
IT-Grundschutz-Kompendium_Elementare_Gefaehrdungen_de.csv |
Elementary Threats (BSI) | German |
IT-Grundschutz-Kompendium_Elementary_Threats_en.csv |
Elementary Threats (BSI) | English |
IT-Grundschutz-Kompendium_Anforderungen_de_2023.csv |
BSI Requirements (Compendium 2023) | German |
NIS2-Anforderungen_openkritis.csv |
NIS2 Requirements | German |
Performing the import
- Navigate to Extras > Import > CSV Import
- Upload one of the catalog CSV files
- Select the included import profile
- Start the import
Risk management
Risk assessment (Group): Link not working
Solution: Check whether the "Description" field exists in the category configuration. If accidentally removed, re-add it under Administration > Data Structure.
Inheriting risk assessments to object groups
The ISMS category "Risk Assessment (Group)" is linked to a report. The report defines which object types appear in the group view. The group assessment is automatically applied to the contained objects.
Detailed documentation: ISMS add-on in the Knowledge Base
Comments
0 comments
Please sign in to leave a comment.