Skip to content
Close
en
de
Try it
Buy it
en
de
Try it
Buy it
CMDB & IT Dokumentation
navi-icon-products-i-doit
i-doit
CMDB, ITSM, ITIL, IT-Docu
navi-icon-products-i-doit-add-ons
i-doit Add-Ons
Add-Ons & Extensions
navi-icon-products-i-doit-up
i-doit up
ITAM in Cloud
Inventory
navi-icon-products-jdisc
JDisc Discovery
Asset & network discovery (in german)
Risk & Compliance Management
navi-icon-products-grc
i-doit GRC Suite
Modules overview
inditor
i-doit INDITOR
ISMS ISO, BSI & NIS-2
indart
i-doit INDART
IT emergency planning
inprive
i-doit INPRIVE
GDPR, data protection 
Risk & Compliance Management
navi-icon-products-grc-suite
i-doit Suite+
Cloud GRC 
Cabling management
navi-icon-use-cases-ISMS
PATCH MANAGER
Cabling & Asset Management
Services & support
navi-icon-products-consulting-support
Consulting & Support
Help & Advice
Blog-overview-header
i-doit and i-doit GRC 30 day trial
Free trial
Use Case Overview
navi-icon-use-cases-overview
Use Cases Overview
Use Cases Overview
Certifications & Compliance
navi-icon-use-cases-ISO27001
ISO27001
navi-icon-use-cases-B3S
B3S
navi-icon-use-cases-NIS2
NIS 2
navi-icon-use-cases-DSGVO
GDPR
navi-icon-use-cases-kritis
KRITIS
navi-icon-use-cases-TISAX
TISAX®
Industries
navi-icon-use-cases-infrastructure-utilities
Infrastructure & Utilities
navi-icon-use-cases-state-administration-education
State, administration and education
navi-icon-use-cases-healthcare
Healthcare
navi-icon-use-cases-information-technology-telecommunications
IT & Telecommunications
navi-icon-use-cases-industry
Industrial companies
navi-icon-use-cases-finance
Banks and insurance
navi-icon-use-cases-transport
Transport and traffic
Focus areas
navi-icon-use-cases-CMDB
CMDB
Configuration Management Database
navi-icon-use-cases-ITAM
IT Asset Management
ITAM
navi-icon-use-cases-ITSM
IT Service Management
ITSM
navi-icon-use-cases-ITIL
Information Technology Infrastructure Library
ITIL
navi-icon-use-cases-it-documentation
IT Documentation
navi-icon-use-cases-ISMS
Information Security Management System
ISMS
navi-icon-use-cases-emergency-management
Emergency Management
navi-icon-use-cases-data-protection
Data Protection
megamenu-man-tablet-smiling-server-room
i-doit and i-doit GRC free 30 day trial
Free trial
Partner network
navi-icon-partner-become
Become a partner
Become part of the team!
navi-icon-partner-webinars
Partner Webinars
In German
navi-icon-partner-portal
Partner Portal
For our partners
Book. a demo
Knowledge Center
navi-icon-knowledge-webinars
Webinars (De)
Live and on-demand 
navi-icon-knowledge-blog
Blog
News and expert knowledge 
navi-icon-knowledge-whitepaper
Whitepaper
IT deep dive
Book a demo
Company overview
navi-icon-company-about-us
About us
Get to know us
navi-icon-company-references
References
What our customers say
navi-icon-company-help-support
Consulting & Support
Help & Support
navi-icon-company-career
Careers
Current job openings
navi-icon-partner-webinars
Contact us
Let's talk!
Book a demo
Partnernetzwerk
navi-icon-partner-become
Partner werden
Werd Tell des Teame!
navi-icon-partner-find
Partner finden
Schnelles Verknüpfen
navi-icon-partner-add-ons
Partner Add-Ons
Sicheres führen
navi-icon-partner-webinars
Partner Webinare
Welterbildung und vieles mehrt
navi-icon-partner-portal
Partner Portal
Immer Up-To-Date
Partner Highlight
icon-api-square
becon GmbH
icon-api-square
FREICON Gruppe
icon-api-square
Allgeier ITS
icon-api-square
Sector Nord AG
icon-api-square
SHD System-Haus-Dresden GmbH
network-engineers-in-data-center-2025-03-09-23-33-55-utc
Partner Portal
Immer up to date!
Hier mehr erfahren
Mehr Platz für Weiterleitungen um bestimmte Events zu highlighten:
Demo vereinbaren

i-doit INDITOR - Your ISMS for ISO certifications, BSI & NIS-2

An ISMS in 15 days

Clear processes and predefined catalogs ensure the practical implementation of regulatory requirements.

As a GRC solution "Made in Germany", i-doit INDITOR creates a
reliable basis for sustainable information security.

rating-stars-transparent-white 4.7/5 on Capterra | 2,000+ satisfied customers

i-doit-inditor-header

Test i-doit INDITOR now for 30 days free of charge

icon-it-documentation-in-team-dk
2,000+ customers
icon-api-dk
No payment details required
icon-link-dk
Support included
icon-digital-contract-management-dk
Full range of functions
icon-it-security-dk
EU-DSGVO compliant

i-doit INDITOR ISO: Your path to ISO 27001 certification

Structured implementation of standard requirements and audit-proof documentation

inditor_05 risk treatment
icon-it-documentation-in-team-lt ISO 27001
Integration of the DIN EN ISO/IEC 27001/27002 catalogs for the ISMS structure  
icon-api-lt Standard texts & implementation
Clearly formulated requirements with practical implementation aids  
icon-link-lt Risks & measures
Systematic risk analysis and tracking of measures in accordance with standards  
icon-digital-contract-management-lt Catalogs & Industries
Support for B3S, IT security catalog, TISAX®/VDA-ISA, VAIT, BAIT, ISO 9001, ISO 27019, VdS 10000, and many more.  
icon-it-security-lt Audits & evidence
Comprehensible documentation for internal and external audits  

i-doit INDITOR BSI: Structured implementation of IT baseline protection

Centralized mapping and audit-proof documentation of requirements according to BSI IT-Grundschutz

INDITOR_Screenshot_Modeling
icon-it-documentation-in-team-dk BSI IT basic protection
Illustration of the 200 standards of the Federal Office for Information Security (BSI)  
icon-api-dk Public organizations
Designed to meet the requirements of authorities and public institutions  
icon-link-dk Procedure & information networks
Individual definition of the procedure for each information network  
icon-digital-contract-management-dk Determination of protection requirements
Carrying out the protection requirements analysis at process level  
icon-it-security-dk Audits & evidence
Comprehensible documentation for tests and certifications according to BSI  

i-doit INDITOR NIS-2: NIS-2-compliant & practically implemented

Central implementation with GAP analysis and audit-proof evidence

Incident management
icon-it-documentation-in-team-lt NIS-2 Implementation Act
Complete mapping of the requirements of the NIS-2 implementation law  
icon-api-lt Complete documentation of security incidents
Implement documentation, risk assessment & measures in compliance with NIS-2  
icon-link-lt Protection requirements & risks
Structured determination of protection requirements and systematic risk assessment  
icon-digital-contract-management-lt Measures & treatment
Derivation, implementation and follow-up of suitable safety measures  
icon-it-security-lt NIS-2 checklist & GAP analysis
Integrated checklist for stocktaking, assignment of measures, responsibilities and evidence  

Catalogs

Advantages of our ISMS solution

add-on-otrs-znuny-square
Integration

Ready-made catalogs and templates
enable a quick start
add-on-macmon-adapter-sm-view-square
Clear transparency

All requirements, risks and measures
measures are centrally traceable
add-on-checkmk-square
Less effort

Structured processes reduce manual
activities and coordination
icon-ipam-square
Sustainable security

Not only introduce an ISMS, but
operate it effectively in the long term
add-on-sm-view-connect-square
Audit ready

Verification at any time
for tests and audits
add-on-forms-square
Minimization of errors

Clear structures avoid gaps
and inconsistencies
add-on-monitos-monitoring-square
Central control

All ISMS-relevant topics in a
common database
add-on-znuny-connector-square
Flexibly expandable

Easily scalable with growing requirements

Our editions for the i-doit INDITOR at a glance

The right ISMS solution for ISO, BSI and NIS-2 - transparent and clear

i-doit INDITOR ISO
from 588 €
/ year
i-doit INDITOR BSI
from € 1,908
/ year
i-doit INDITOR NIS-2
from 1.908€
/ year
Function overview
Administration
idoit-check-mark
idoit-check-mark
idoit-check-mark
Master data
idoit-check-mark
idoit-check-mark
idoit-check-mark
Dashboard
idoit-check-mark
idoit-check-mark
idoit-check-mark
Reports
idoit-check-mark
idoit-check-mark
idoit-check-mark
Asset management
idoit-check-mark
idoit-check-mark
idoit-check-mark
Documents
Optional
Optional
Optional
Goal management
idoit-check-mark
idoit-check-mark
idoit-check-mark
Supplier management
idoit-check-mark
idoit-check-mark
idoit-check-mark
Measures
idoit-check-mark
idoit-check-mark
idoit-check-mark
Safety incident management
idoit-check-mark
idoit-check-mark
idoit-check-mark
Risk management
idoit-check-mark
idoit-check-mark
idoit-check-mark
Determining the need for protection
idoit-check-mark
idoit-check-mark
idoit-check-mark
Staff exchange
idoit-check-mark
idoit-check-mark
idoit-check-mark
Audit management
idoit-check-mark
idoit-check-mark
NIS-2 Checklist
idoit-check-mark
IT baseline protection check
idoit-check-mark
Catalogs
Optional
Optional
Optional
Purchase license
Optional
Optional
Optional

Use cases

Use cases relating to ISMS, risk and compliance management

Audit management
Audit management

You control audits centrally, plan audits, document results and automatically generate audit reports.

View use case

Document management
Document management

You can manage documents in an audit-proof manner, version and edit them directly in the tool and use templates and import functions.

View use case

GAP analysis
GAP analysis

i-doit supports GAP analyses according to standards such as ISO 27001, ISO 9001 or NIS2, including maturity level assessment, responsibilities and document assignment.

View use case

Supplier management
Supplier management

You evaluate and manage suppliers centrally, document contracts and maintain contact details and replacement suppliers.

View use cases

Action management
Action management

You derive measures, distribute tasks, track deadlines and receive automatic notifications by e-mail.

View use case

Security incident management
Security incident management

You document and evaluate security incidents in accordance with ISO and NIS2, assign affected assets and centrally derive measures.

View use case

Contact (1)

Book your personal live demo

Our i-doit team will be happy to take the time to advise you personally on your application.

Book now

i-doit INDITOR Overview

The information security software that provides you with a guide

1. Catalog of requirements

Illustration of the requirements of the ISO / IEC 27001 catalog linked to the scope. The requirements and measures are supplemented in our ISMS tool i-doit INDITOR with implementation instructions and assistance. ISO / IEC 27002 is automatically linked.

Define responsibilities, implementation statuses and measures for individual requirements. Link guidelines (e.g. compliance) and documents relevant to the requirements and add implementation instructions.

 

i-doit-GRC-Inditor-Unnamed-screenshot

2. Asset management

With i-doit INDITOR ISO asset management, you can manage processes, personnel and IT infrastructure centrally. Included ISO-compliant standard processes can be expanded and imported. Asset trees, groups and dependencies support risk assessments in risk management. Existing inventory and IT solutions, suppliers and organizational units can be easily integrated. For maximum transparency in complex companies.

i-doit-GRC-Inditor-Processes-screenshot

3. Determination of protection requirements

The protection requirement determines how important a process is for the functioning of all other processes in a company. You can make this determination in our software using a customizable Business Impact Analysis (BIA). This can be individually adapted to the circumstances and structures in your company.

The need for protection is automatically passed on to the people, applications and infrastructure it contains.

i-doit-GRC-Inditor-BIA-screenshot

4. Risk assessment

In the risk assessment, you determine how high the probability of a risk occurring in a particular scenario is.

You assess the likelihood that these hazards will affect your company and the most probable consequences of this impairment for your company.

i-doit-GRC-Inditor-risk-editing-screenshot

5. Audit management

Audit management is the ideal way to prepare for certification, e.g. to ISO/IEC 27001. You can plan and manage audits and check the current implementation status.

Compare security measures that have already been implemented with the requirements of the ISO standard to identify the level of security achieved and identify opportunities for improvement.

 

i-doit-GRC-Inditor-Audit-Report_Final-Screenshot

Industries

View all solutions for your industry

use-case-industries-infrastructure-card
Click
Infrastructure & utilities
Infrastructure & utilities In this industry, i-doit serves as a central CMDB to reliably map locations, systems, network structures, maintenance and compliance requirements, among other things.Read more
industries-finance-narrow-header
Click
Finances & Insurances
Finances & Insurances Here, i-doit supports IT with audit-proof documentation of systems, authorizations, change processes and regulatory requirements, among other things.Read more
industries-transport-narrow-header
Click
Transportation & traffic infrastructure
Transportation & traffic infrastructure In the transport and logistics sector, i-doit helps to clearly document technical systems, vehicles, routes, networks and dependencies, among other things.
Read more
industries-health-narrow-header
Click
Health & Medicine
Health & Medicine In the healthcare sector, i-doit is used to centrally manage medical devices, IT systems, maintenance cycles and safety-relevant information, among other things.Read more
industries-state-administration-narrow-header
Click
State, administration & education
State, administration & education Authorities, municipalities and educational institutions use i-doit for the structured management of hardware, software, contracts, licenses and security requirements, among other things.Read more
use-case-single-network-cabling
Click
Information Technology & Telecommunications
Information Technology & Telecommunications IT service providers and telecommunications providers use i-doit to document customer environments, networks, services, client structures and automated processes, among other things.Read more
industries-industry-suppliers-narrow-header
Click
Industry & Production
Industry & Production In industry, i-doit maps production facilities, machines, IT networks, maintenance and software-controlled systems centrally and comprehensibly.Read more

FAQs about i-doit INDITOR

Your advantages at a glance

What is an ISMS and why do I need it?

An information security management system (ISMS) is a systematic approach to ensuring information security in organizations. It helps to identify and assess risks and implement suitable measures to secure processes and data - e.g. in accordance with ISO/IEC 27001.
Which norms and standards does the ISMS tool support?

The ISMS tool covers requirements from the following norms and standards, among others:

  • ISO/IEC 27001 & ISO/IEC 27002

  • Compliance catalogs (e.g. TISAX®, BAIT, VAIT, DIN EN ISO 9001 etc.)

  • Risk management, audit and action management including BIA (Business Impact Analysis)
What does NIS2 mean and who does it apply to?

The EU's NIS 2 Directive is a legal framework for increasing cyber security in critical sectors. It extends the requirements for security measures and reporting obligations for companies and organizations in the EU.

How does the ISMS module NIS2 help me with implementation?

With the i-doit INDITOR NIS 2 module, i-doit offers a tool that maps the contents of the NIS 2 directive in a fully structured manner. Among other things, it supports

  • Clear inventory of the implementation status

  • Integrated GAP analysis/checklist for NIS2 compliance

  • Centralized management of responsibilities, evidence and measures

  • Audit-proof documentation for audit preparation
What is the difference between ISO 27001 and NIS2?

  • ISO 27001 is an international standard for a structured ISMS.

  • NIS2 is an EU directive with binding legal requirements on cyber security for affected organizations.

    The NIS2 module uses an ISMS system as a technical platform to implement the directive efficiently.

What is IT baseline protection?

IT baseline protection is an approach developed by the German Federal Office for Information Security (BSI) for a holistic information security management system. It comprises organizational, infrastructural and technical measures to secure systems and processes.

How does i-doit support IT baseline protection?

With i-doit INDITOR BSI, i-doit offers software for implementing IT baseline protection in accordance with the BSI standards (including 200-1, 200-2, 200-3). This solution:

  • maps the BSI specifications in a structured manner

  • enables risk management, documentation & task management

  • provides templates for guidelines and reports

  • supports individually customizable per scope
Can I use the solutions in combination?

Yes, the -i-doit software has a modular structure and can be used flexibly:

  • Only individual modules (e.g. ISO-ISMS, NIS2 or IT-Grundschutz)

  • or integrated as part of a comprehensive information security management system with a shared database and standardized interface.

What are the advantages of using the software?

With i-doit solutions, you benefit from

  • Structured and standardized procedures

  • Centralized documentation and verification

  • Automated process support

  • Audit and certification preparation

  • Reduction of manual effort
How do I start with the implementation?

You can:

  • request a demo or trial version

  • book a consultation or webinar

  • introduce the software step by step - from the first status check to full compliance implementation.