VoIP (Voice over IP) transmits telephone calls over IP-based networks. In an ISMS, VoIP introduces specific security requirements: eavesdropping protection through encryption (SRTP), separation of voice traffic into dedicated VLANs, protection of VoIP infrastructure against denial-of-service, and securing management interfaces. Emergency calling capabilities and recording obligations may also be relevant. Migrating from traditional telephony to VoIP requires a risk assessment, since availability now depends on IT infrastructure.