Simplify the implementation and certification of ISO 27001

 Professional Ready to Go ISMS

 IRM360 - ISMS

Information Security Management System for ISO 27001

Request a (online) demo

Time and cost saving, no spreadsheets required, intuitive and easy to use and scalable.

Simplify the implementation of the ISO 27001, TISAX, and other standards.

Full control over all activities in the ISMS, from assessments, risk analyses, audits, improvement tasks, etc.

Information Security Management System (ISMS)

The IRM360 management system gives you full visibility and control of an ISMS according to ISO 27001, and other standards that align with certification requirements.

The system is already filled with key items such as measure templates, and standards frameworks allowing you to get started right away.

  • All ISO 27001 management measures and Annex A measures are available including implementation templates of all required documents such as scope descriptions, SWOT analyses, compliance annexes, roles and functions, etc.
  • Insight into risks
  • Status and control of ISMS tasks based on Plan-Do-Check-Act and e-mail notification
  • Interactive declaration of applicability (with integrated link to the Risk Management System) and management review
  • External and internal audits (incl. planning) and audit templates
  • Register for improvements and deviations
  • Targets and KPIs
  • Filled with e.g. MAPGOOD threat set and linked to measures
  • Integrated Supplier Reviews
  • Filled with, among others, BBMCare information for healthcare based on information objects
  • Available for municipalities with BIO, BBM, BIO-MAPGOOD threat relationships, reference components including integrated ENSIA export tool

Manage risks in one place

  • Integrated risk management system with risk dashboard, risk register, risk analyses and treatments
  • 30+ Risk templates available (including threats and impact areas)
  • Extensive threat database
  • Automated Risk Treatment Measure Proposals including a link to your ISO 27001 Declaration of Applicability
  • Task-driven via the Plan-Do-Check-Act so everyone knows exactly what to do and risks are properly controlled

Simple implementation of all standards requirements based on the ISO 27001-2023

From the ISMS, you are presented with a simple and template-based step-by-step route to comply with ISO 27001 quickly and easily.

Through dashboards you can easily see the progress, of both the management system and associated measures as well as the Annex A measures.

ISMS- Verklaring-van-toepasbaarheid-2023.png
Businessman achter laptop.png

Continuous improvement and insight into tasks

Central to the ISMS dashboard is a complete overview of all ISMS tasks that still need to be performed, are in progress or have passed the deadline. You can no longer miss anything and even have steering mechanisms to easily push tasks through if they have been left somewhere because the task holder is off duty or absent for long periods of time. 

Continuous monitoring through an integrated audit and control system

Audit programs are quick to set up, schedule, or recur. Improvement actions are easily assigned and reusing evidence makes implementation easy.  This reduces audit pressure from involved employees and lowers your audit costs.

From the Internal Audit dashboard, the internal audit schedule can be visualized, including recurring audits, and open and expired tasks, and you can manage these tasks from here, either integrally or from a particular standard. Periodic audits are easy to set up.



Especially for organizations that focus on ISO 27001 for information security, we have developed specific awareness programs tailored to the aspects of Physical, Human, Organizational, and Technical as well as Privacy. This allows you to fit in well with the Annex A requirements from ISO 27001 that are applicable from 2022.

Read here about our integrated E-Learning management system, the Risk Awareness Management System (RAMS)

Integrated E-Learning for risk awareness

Risk awareness for information security is easily and integrally managed through the integrated E-Learning management system. Through our Risk Awareness Management System you can set tasks in our PDCA approach and even automatically include the results in, for example, a Management Review report. It enables an integrated approach so that your employees are not the weakest link but a strong link and you can easily show your organization or external auditor the risk awareness level of your organization.

Take a sneak peek below for a preview of our E-learning.

Templates and standards for SMEs, ICT, healthcare, government, corporations, education, accountants, etc.


Supported standards and frameworks:

  • Information security: ISO 27001, ISO 27002:2022, ISO 27017, ISO 27018, ISAE 3402, SOC 2
  • Privacy: ISO 27701 (Privacy management), AVG-CIP Privacy Baseline, AVG/GDPR, AVG-NOREA,
  • Cyber Security: CIS Controls, NIST CSF, IEC 62443, CSIR
  • Business Continuity: ISO 22301 (Business Continuity)
  • Quality, Environment, and Safety: ISO 9001, ISO 14001, VCA
  • Government: housing associations: Suwinet, Digid, AVG-VNG, ENSIA, BIC,WPG
  • Accountancy and financial services; AFM principles for information security, DNB accountability framework for information security

Where possible most of the links have already been made between norm controls from the standards and frameworks with the management measure sets.


Easy implementation to comply with ISO 27001

A clear roadmap is available for implementing the IRM360 Management Systems so that you can get started quickly and independently.

To support the implementation of various standards and frameworks, several Quick Start guides are available and checklists to support you in preparing for your external audits. 

IRM360 - Subscriptions

Depending on your subscription, the CyberManager Suite includes the ISMS, PIMS, CSMS, and/or BCMS management system

Subscriptiontypes & prices