The ISDP concept creates the prerequisites for realizing and transferring the requirements for information security and data protection.

The ISDP concept completes the information security and data protection requirements. It includes a detailed and in-depth risk analysis. The protection measures are defined.

The IDSP concept is based, firstly, on the study and protection needs analysis outcomes developed in the initiation phase and, secondly, on the organizational and solution requirements outcomes. It must be handled in accordance with the requirements of the core organization concerning information protection.

1. Protection needs analysis
2. Study
3. Solution requirements
4. Organizational requirements

1. Create a system description with the security-related components.
2. Create a risk analysis, show how risks are addressed with overarching concepts, and identify residual risks.
3. Create the emergency concept and processing regulations, and record them in the ISDP concept.
4. Coordinate the ISDP concept with the controlling and compliance bodies.

1. ISDP concept