Sold by: BSG Partners
Deployed on AWS
Automated ISMS-P compliance scanning dashboard for AWS. Runs comprehensive K-ISMS technical checks daily across accounts with S3 Data Lake, Athena analytics, and QuickSight visualization.
Overview
ISMS-P Intelligence Dashboard automates the technical compliance assessment required for Korea's ISMS-P (Information Security Management System - Personal Information) certification. Built on an advanced K-ISMS compliance framework optimized for AWS, it evaluates hundreds of security controls across your AWS accounts daily and presents actionable compliance insights through an integrated analytics pipeline. The solution deploys as a single CloudFormation stack with a fully serverless architecture. An EventBridge schedule triggers Step Functions daily at 02:00 KST, orchestrating parallel scans across all configured target accounts via high-performance Lambda Container Images. Scan results in OCSF format are stored in a centralized S3 Data Lake, transformed to Parquet via Glue ETL, and made queryable through pre-configured Athena views. An optional QuickSight dashboard provides at-a-glance compliance metrics including compliance rate, critical/high severity findings, category breakdowns, and 30-day trend analysis. Key technical capabilities: - Advanced K-ISMS Compliance Framework: A comprehensive library of automated checks mapped to ISMS-P technical controls covering access control, network security, encryption, logging, and more. - Cross-Account Scanning: Scan multiple AWS accounts from a central hub using secure IAM AssumeRole. Each account runs independently with partial failure tolerance - one account's issue does not affect the execution of others. - S3 Data Lake Architecture: All scan results and security findings are stored in a centralized S3 bucket with date-partitioned paths for efficient querying, long-term retention, and audit integrity. - Athena Analytics: Pre-built views for latest findings, KPI aggregation, severity distribution, category breakdown, and compliance trend analysis. Query your compliance data directly with standard SQL. - QuickSight Dashboard (Optional): One-click activation via CloudFormation parameter. Overview dashboard with KPI cards, severity bar charts, category donut charts, and non-compliant items table. SPICE-powered for sub-second response times with daily refresh. - Serverless & Cost-Efficient: No servers to manage. Lambda Container Images handle the scanning engine execution within the 15-minute limit. Step Functions orchestrate parallel workloads. Pay only for what you use. The dashboard is designed for security teams, compliance officers, and IT auditors preparing for or maintaining ISMS-P certification. It eliminates manual evidence collection by providing continuous, automated compliance monitoring with full audit trails stored in S3.
Highlights
- Comprehensive Automated ISMS-P Compliance Checks: Leverages an extensive library of AWS-optimized compliance checks to evaluate access control, network security, encryption, logging, and other technical controls required for ISMS-P certification.
- Scalable Cross-Account Serverless Architecture: Scans multiple AWS accounts in parallel using Step Functions and Lambda. Partial failure tolerance ensures high reliability. No EC2 instances to manage - fully serverless with pay-per-use pricing.
- Integrated Data Pipeline & Visualization: S3 Data Lake with Glue ETL transforms raw findings for high-performance analysis. Pre-built Athena views and an optional QuickSight dashboard provide KPI cards and 30-day compliance trend visualization.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Standard
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
ISMS-P Intelligence Dashboard Subscription | Monthly subscription for ISMS-P Intelligence Dashboard. Includes automated K-ISMS compliance scanning, cross-account parallel scanning via Step Functions, S3 Data Lake with Glue ETL, and pre-built Athena views. Subscription is active regardless of instance state. | $199.00 |
Vendor refund policy
Refunds are available within 7 days of the initial subscription purchase if no compliance scan has been executed. To request a refund, contact mp_support@bsgglobal.com with your AWS Account ID and subscription details. Refund requests are processed within 5 business days (KST, Mon-Fri).
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Standard
Supported services: Learn more
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
- Automated ISMS-P technical control scanning (custom framework, daily)
- Compliance dashboard (9 sheets: Overview, Access Control, Network, Encryption, Logging, Asset Management, Vulnerability, Backup, Remediation)
- Security Hub threat/vulnerability monitoring (GuardDuty, Inspector)
- CloudTrail security change tracking (IAM, Security Group, KMS, etc.)
- Multi-account support (cross-account parallel scanning)
- Daily change trend analysis (new violations / resolved items)
- QuickSight Enterprise dashboard auto-provisioning
- S3 + Athena direct query support
Additional details
Usage instructions
Quick Start
Step 1: Set Up Target Accounts
Enable these AWS services in each target account (if not already active):
- AWS Security Hub
- Amazon GuardDuty
- Amazon Inspector
Then deploy the IAM role for cross-account scanning.
Option A - CloudFormation (recommended):
Deploy the "ISMS-P Member Account Role" template in each target account. Set "CentralAccountId" parameter to your central account ID.Option B - Manual IAM setup:
- Role name: "ISMS-P-ScanRole" - Trust: allow "sts:AssumeRole" from central account with "ExternalId" = "isms-p-<CentralAccountId>" - Attach AWS managed policies: "ViewOnlyAccess" and "SecurityAudit"Tip: use "CloudFormation StackSets" to deploy to multiple accounts at once.
Step 2: Deploy the Main Stack
Launch the CloudFormation template in your central (dashboard) account.
Parameters:
- AcceptQuickSightCost: type Yes to accept QuickSight Enterprise charges ($18/author/month, billed by AWS).
- TargetAccountIds: comma-separated AWS account IDs to scan.
- AdminEmail: email for QuickSight registration and alerts.
- ScanScheduleTimezone: daily scan timezone (default: "Asia/Seoul").
Step 3: Run Your First Scan
Daily scan runs at 02:00 in your configured timezone. To run immediately:
- Open AWS Step Functions console
- Select state machine isms-p-dashboard-compliance-scan
- Click Start execution (use default input)
- Each account takes about 3-5 minutes
Step 4: Access the Dashboard
After the stack is created and scan data is available:
- Open Amazon QuickSight from the AWS Console
- If prompted, self-register with your email (Reader role, free for first user)
- Open ISMS-P Compliance Dashboard from the Dashboards list
All registered QuickSight users automatically get dashboard access. No invitation URL or manual permission setup is required.
Step 5: View Results
Troubleshooting
Support
Vendor support
Email: mp_support@bsgglobal.com Standard Support: - Email support with response within 2 business days (KST, Mon-Fri) - Includes deployment assistance, configuration guidance, and troubleshooting - CloudFormation stack deployment and cross-account IAM role setup guidance - Documentation and deployment guide included with the product
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.