SIGS Afterwork Event in Berne – How to manage ISMS


Target Audience: Information Security Professionals
CIOs, CISOs, IT Managers, Security Officers, Security Architects and Engineers – all from the end-customer side and interested in IT security

From consultancies and resellers/integrators, only technical people are allowed to take part. Vendors and people with a sales/marketing role are not authorized as participants.

CPE Credits: Earn 2 CPE (Continuing Professional Education) for attending this SIGS Afterwork Event. Please request a confirmation.

Location: PostFinance Arena
Mingerstrasse 12
3014 Bern (Wankdorf)

Date of Event: 27th of April 2017

Language: English, if non-German-speaking people participate

Participation Costs: Fr. 30.–
This includes presentations, all beverages and aperitif (food)


4:00 – 5:00 Registration & Welcome Coffee
5:00 – 5:30 David Doret, GRC Consulting Practice Lead at Kudelski Security

ISMS2: How to manage a complex ISMS program with a GRC platform
Setting up and maintaining an ISO 27001 ISMS is a challenge. But complex organizations (e.g. large multinational groups and public sector) are faced with the daunting task of running an ISMS program spanning multiple ISMSes with varying maturities, constraints, cultures and degree of integration with the group. Experience shows that the complexity of such a program is more than the sum of its ISMSes, hence the concept of ISMS2.

This level of complexity leads to inefficiencies (at best) and ineffectiveness (at worst). Through hard-won field experience and lessons learned, we gained insights into what works and what doesn’t. Come and listen to how a GRC platform may help you address the scaling challenge of ISMS2.

5:30 – as long as it takes or you can stay (incl. apéro) Pascal Reiniger, Chief Information Security Officer at Canton Basel-Stadt
Pascal Reiniger is looking for like-minded security professionals who are interested in perhaps building a Special Interest Group and in setting up best-practice guidelines/rules together in an…

Interactive Workshop ISMS
Every organization is required to have an Information Security Management System (ISMS) in place to organize and operate its requirements, documentation, processes and systems in the area of information security. In order to do that, every public authority and company needs to understand how to build and run its very own ISMS according to its organization, processes, security needs and risks. While the term ISMS indicates conformity and even comes with its own ISO standard 27001, the fact is that every ISMS is unique.

Since most organizations are still in the process of defining and adjusting their ISMS, this interactive presentation is aiming to:

  1. provide input on how to approach the implementation of an ISMS
  2. share knowledge between the participants on their experience when implementing and running an ISMS
  3. establish a platform to raise and tackle the most important topics in connection with ISMS, e.g. evaluation of different ISMS tools. How to organize risk management? Best practices regarding security reporting. What directives do you need and what should be written in them? How to organize security processes? etc.


So don’t wait and register here if you have a XING account. If you don’t have or don’t want a XING account, just send us an email.

By registering for this event, you accept that SIGS may use the data entered for its own purposes and may share it with its event partners and event sponsors of this specific platform.
