The current three-level security system for information systems, known as ISKE, is valid until December 31, 2023. After this date, it is mandatory to implement the Estonian Information Security Standard (E-ITS). E-ITS has undergone a major change compared to its predecessor, ISKE, offering a much broader scope and clearer requirements. While ISKE applied solely to data collections, the new E-ITS extends to the entire organization, including business processes.
PlanPro allows to manage E-ITS modules, risks, and measures within a single tool. This solution includes capabilities essential for effective risk management, including a risk register, risk analysis, risk assessment, management of measures and incidents, email notifications, and reporting. To assess impact and likelihood, you can create desired scales, and the system automatically calculates the risk level based on a 4×4 matrix formula.
PlanPro is a platform that can be configured using classifiers, for example, you can create custom forms for managing equipment and assets etc. It also supports various risk assessments that encompass the entire organization, such as workplace risks, by using PlanPro’s survey creation and execution capabilities.
Of course, other risks, measures, activities, and projects can also managed here, not only those related to E-ITS. In addition, there is also incident management functionality – ensuring that risks and incidents are in one picture. Iti is also important that PlanPro enables the linking of risks and measures to the organization’s strategy and services.
The software features a powerful reporting module that allows for generating Excel files based on various parameters. It supports the annual updates and relevance of E-ITS – PlanPro can accommodate different risks and measures in various annual plans, even old data remains in a task log.
It is especially important that in PlanPro E-ITS does not remain just a formality managed by the information security manager or risk manager – measures become tasks with priorities, responsible parties, and deadlines. These measures become part of everyday work and are visible on employees’ tasklists. The system also sends automatic email notifications, and different views in the software allow measures to be displayed as scheduler, kanban board view, or even Gantt charts. They can be viewed in relation to business processes, assets, and more, with various filtering options. User rights ensure that software users only have access to the information they need for their work.
PlanPro is already in use in many public sector institutions, including for risk and incident management. Therefore, there’s no need to invent a new solution, which in many cases doesn’t support existing processes.
Instead of using an Excel spreadsheet, opt for a professional IT system that ensures data integrity and helps transform risk management into a continuous process.
Starting from the beginning of 2023, the implementation of the Estonian Information Security Standard (E-ITS) is mandatory for all providers of essential services and public sector institutions in Estonia. The current three-tiered standard security system for information systems, known as ISKE, is in effect until December 31, 2023. By that time, all ISKE implementers are required to transition to the new information security standard, E-ITS. Additionally, the group of obligated E-ITS users has expanded, and they must implement the standard for the first time. Implementing an information security management system in accordance with E-ITS ensures better protection for organizations and their data as a whole.
PlanPro can be a valuable tool for your organization to assist in implementing E-ITS!
Follow us on social media:
Täitke palun kontaktivorm ning võtame teiega ühendust.