Information Security Management System (ISMS)
Upgrade of information security at the University of Bremen
An Information Security Management System (ISMS) is absolutely imperative for all core activities of a university, i.e. learning and teaching, research and transfer, and administration, albeit it in different ways.
Their specific constitution makes universities in particular vulnerable: academic freedom, global collaboration, high degree of decentralization and autonomy of the disciplines/faculties, project-based work, high staff turnover, complex roles and rights on account of different status groups with partners both within and outside the university.
Various standards and frameworks for ISMS have become established and can also be used for higher education contexts. In coordination with the Free Hanseatic City of Bremen, it was agreed to embark on the ISMS with the help of (C)ISIS 12. It is to start at the University of Bremen and be tested at Bremen City University of Applied Sciences and Bremerhaven University of Applied Sciences. Workshops for the inter-university exchange of views and ideas will allow all four universities to learn from each other, although each university will set up its own ISMS.