verinice 1.22 is here! The new version of the ISMS tool comes with a number of new features, including the BSI's IT-Grundschutz compendium in the 2021 edition. The verinice.TEAM has also worked on providing additional modules that allow verinice to be customized depending on the deployment scenario.
Numerous major and minor optimizations characterize the new version of the open source tool for managing information security. For example, verinice 1.22 is delivered with VDA ISA / TISAX versions 4 and 5 and the reporting form according to BSIG 8b for security incidents. Users can either obtain it from the verinice.SHOP or download it from the repository for Pro customers. The most important new features of verinice 1.22 (and the update 1.22.1) are documented in the release notes.
Additional modules for verinice
Another change is the central provision of additional modules via the verinice.SHOP. Users can access the modules as supplements for verinice and use them as needed for working with the ISMS tool. These include (German only) minimum standards issued by BSI and IT-Grundschutz profiles. The following additional modules are available as fee-based add-ons: Risk Catalog and Risk Catalog Plus (ISO 27001 / ISO 27019), Data Protection Module and Industry Standard B3S Hospital.
The PCI DSS module has also recently been added. This requirements catalog maps the Payment Card Industry Data Security Standard (PCI DSS) in verinice. The use of the module with verinice is possible from version 1.22 in the ISM perspective.
B3S Hospital & verinice
The "Industry-Specific Security Standard for Healthcare in Hospitals" (B3S Hospital, German only), which is available for verinice, is aimed specifically at healthcare providers. verinice is already in use as a reliable solution in the healthcare industry (e.g. Universitätsklinikum Halle, Charité Universitätsmedizin Berlin). The combination with the industry standard now specifically supports clinics and hospitals in meeting requirements from the Patient Data Protection Act (PDSG) and improving their IT security or introducing information security management by the deadline of 01.01.2022. For this purpose, verinice, verinice.PRO and the add-on module B3S Hospital are also qualified for funding from the Hospital Future Fund (KHZF).