Grundschutz ("IT Baseline Protection") as a framework for the development of an Information Security Management System (ISMS) within a company. The IT-Grundschutz Catalogues are aligned with ISO 27001 and comply with the requirements of this standard. IT-Grundschutz is one way of implementing the ISO 27001 requirements. The IT-Grundschutz Catalogues and associated BSI standards serve as references for selecting appropriate security controls for typical IT configurations. Suggesting suitable organisational, personnel, infrastructural and technical standard security measures, they help you achieve an IT security level that is appropriate and sufficient for normal security requirements and that can serve as a basis for highly vulnerable IT systems and applications.
IT-Grundschutz Standards and Building Blocks
The BSI standards include Germany's interpretation of the ISO 27001 standard and are divided into the following works:
BSI-Standard 100-1: Information Security Management Systems (ISMS)
BSI-Standard 100-2: IT-Grundschutz Methodology
BSI-Standard 100-3: Risk Analysis based on IT-Grundschutz
BSI-Standard 100-4: Business Continuity Management
The IT-Grundschutz Catalogues describe risks and adequate countermeasures for individual IT processes. These are reflected in the building blocks devided into the following layers:
Generic aspects
Infrastructure
IT systems
Networks
Applications
IT-Grundschutz Benefits
An IT security strategy based on IT-Grundschutz offers, amongst other things, the following benefits for your company:
Minimal-effort approach - Pre-defined threats allow you to waive a detailed risk analysis.
Cost-effective solutions - IT-Grundschutz does not only consider occurrence probabilities, but also expected losses and implementation costs.
Expandability & upgradability - Based on user surveys, the BSI constantly updates and expands its IT-Grundschutz Catalogues.
IT-Grundschutz in Your Company
Are you interested in the implementation of IT-Grundschutz in your company? Please refer to our project procedure to learn how plan42 supports you during implementation. Do you have any further questions? Pleae feel free to contact us.
