The model begins with an analysis of the actual situation, which is procedured by an accredited consultant through a requirement analysis (questionnaire with 50 questions).
These questions concern:
The questionnaire which is open to public can be ordered for free at email@example.com
After the evaluation the accredited consultant works out an appropriate IT Security process for the company.
When the company reaches 75% of the requirements, the certificate can be issued.
After the successful implementation of ISA+Information-Security-Analysis the company receives a certificate “safe information” after ISA+ Information-Security-Analysis, valid for the next two years.