ISMS-P Compliance
ISMS-P (Information Security Management System - Personal Information) is Korea’s integrated certification standard for information security and personal data protection, managed by KISA (Korea Internet & Security Agency). KYRA MDR helps organizations meet ISMS-P requirements by providing automated security controls, audit logging, and compliance evidence.
What is ISMS-P?
ISMS-P combines two previously separate certifications:
- ISMS (Information Security Management System) — 80 controls across 13 domains
- PIMS (Personal Information Management System) — 22 additional controls for personal data
Organizations processing personal data of 10,000+ users or with annual revenue over 10 billion KRW in certain sectors are required to obtain ISMS-P certification.
Auto-Fulfilled Controls
KYRA MDR automatically satisfies 7 ISMS-P control areas through built-in platform capabilities. No additional configuration is needed beyond standard deployment.
1. Continuous Security Monitoring (2.9.1)
ISMS-P Requirement: Establish and operate a security monitoring system to detect and respond to security incidents.
How KYRA MDR fulfills it:
- 24/7 automated log collection and analysis from all connected sources
- AI-powered alert triage with 99% false positive filtering
- Real-time dashboard with security posture overview
- Automated incident creation and severity classification
2. Intrusion Detection and Prevention (2.9.2)
ISMS-P Requirement: Deploy intrusion detection/prevention systems and establish response procedures.
How KYRA MDR fulfills it:
- 3,200+ Sigma detection rules covering MITRE ATT&CK tactics
- NDR sensors for network-level threat detection
- SOAR playbooks for automated containment actions
- Escalation procedures with SLA-based response times
3. Log Management and Monitoring (2.9.4)
ISMS-P Requirement: Collect, store, and analyze security logs with appropriate retention.
How KYRA MDR fulfills it:
- Centralized log collection from firewalls, endpoints, cloud, and applications
- Tamper-proof log storage with configurable retention (7-365+ days by tier)
- Full-text log search with timeline correlation
- Automated log integrity verification
4. Incident Response (2.11.1)
ISMS-P Requirement: Establish incident response procedures including detection, analysis, containment, and recovery.
How KYRA MDR fulfills it:
- 12 built-in SOAR playbooks for common incident types
- AI-assisted incident classification and severity assessment
- Evidence collection with chain of custody tracking
- Post-incident reporting and lessons learned documentation
5. Access Control Logging (2.5.5)
ISMS-P Requirement: Log and monitor access to information systems and personal data.
How KYRA MDR fulfills it:
- Comprehensive audit trail of all console user actions
- Role-based access control (RBAC) with multi-tenant isolation
- Authentication event monitoring (success, failure, MFA)
- Privileged access monitoring and alerting
6. Vulnerability Management (2.9.3)
ISMS-P Requirement: Identify and remediate vulnerabilities in a timely manner.
How KYRA MDR fulfills it:
- External attack surface monitoring (EASM)
- Vulnerability correlation with active threat intelligence
- Risk-prioritized remediation recommendations
- Patch compliance tracking through endpoint telemetry
7. Backup and Recovery (2.9.7)
ISMS-P Requirement: Establish backup procedures and test recovery capabilities.
How KYRA MDR fulfills it:
- Automated daily backups with 7-day point-in-time recovery
- Cross-region data replication for disaster recovery
- Quarterly DR drills with documented results
- RTO/RPO targets by service tier (see Disaster Recovery)
Compliance Evidence
KYRA MDR generates audit-ready evidence for ISMS-P assessors:
| Evidence Type | Description | Location |
|---|---|---|
| Security Monitoring Reports | Monthly summaries of alerts, incidents, and response metrics | Console > Reports |
| Audit Logs | Complete user action history with timestamps | Console > Audit Logs |
| Incident Reports | Detailed incident documentation with timeline and remediation | Console > Incidents |
| Detection Rule Inventory | List of active detection rules with MITRE ATT&CK mapping | Console > Detection Rules |
| Data Retention Records | Log retention configuration and compliance status | Console > Settings |
| Access Control Matrix | User roles, permissions, and authentication settings | Console > Settings > Users |
ISMS-P Control Mapping
Below is the mapping between ISMS-P control domains and KYRA MDR features:
| ISMS-P Domain | Controls | KYRA MDR Coverage |
|---|---|---|
| 2.5 Access Control | 2.5.1-2.5.6 | RBAC, MFA, audit logging, session management |
| 2.6 Cryptography | 2.6.1-2.6.2 | AES-256 at rest, TLS 1.3 in transit, key management |
| 2.9 System/Service Security | 2.9.1-2.9.7 | Monitoring, detection, log management, vulnerability management, backup |
| 2.10 Incident Management | 2.10.1-2.10.3 | Detection, response playbooks, post-incident review |
| 2.11 Disaster Recovery | 2.11.1-2.11.2 | DR procedures, quarterly drills, RTO/RPO targets |
Getting Started
- Deploy KYRA MDR with the Quick Start guide
- Connect your log sources (Collector Installation)
- Review auto-fulfilled controls in Console > Compliance
- Export compliance evidence reports for your ISMS-P assessor
Related Documentation
- Security Overview — Platform security architecture
- Data Retention — Retention policies by tier
- Disaster Recovery — RTO/RPO and DR procedures
- Enterprise Readiness — SOC 2, ISO 27001, and other compliance