Site Overlay


The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge are a collection of documents from the German Federal Office for Security in Information. @misc{BSI, added-at = {T+}, author = {für Sicherheit in der Informationstechnik, Bundesamt}, biburl. IT-Grundschutz-Kataloge. 2 likes. Book. IT-Grundschutz-Kataloge. Book. 2 people like this topic. Want to like this Page? Sign up for Facebook to get started.

Author: Vudolmaran Faelrajas
Country: Chad
Language: English (Spanish)
Genre: Literature
Published (Last): 8 March 2004
Pages: 187
PDF File Size: 12.94 Mb
ePub File Size: 14.36 Mb
ISBN: 432-4-71265-245-8
Downloads: 13947
Price: Free* [*Free Regsitration Required]
Uploader: Kezahn

This approach is very kwtaloge and very expensive. The first layer is addressed to managementincluding personnel and outsourcing. Besides the forms, the cross-reference tables another useful supplement.

BSI – IT-Grundschutz

IT Baseline Protection Handbook. Decision Guide for Managers: Partitioning into layers clearly isolates personnel groups impacted by aktaloge given layer from the layer in question. These threat catalogs follow the general layout in layers. The necessary measures are presented in a text with short illustrations. The following layers are formed: Each individual component follows the same layout.

Federal Office for Security in Information Technology. Articles with topics of unclear notability from October All articles with topics of unclear notability. Federal Office for Security in Information Technology, version. A table summarizes the measures to be applied for individual components in this regard. The second is addressed to in-house technicians, regarding structural aspects in the infrastructure layer. Managers are initially named to initiate and realize the measures in the respective measures description.

The topic of this article may not meet Wikipedia’s general notability guideline. Category Z measures any additional measures that have proven themselves in practice. In cases in which security needs are greater, such protection can be used as a basis for further action.

Measures, as well as threats, are cited with mnemonics. Measures are cited with a priority and a kataaloge.


To familiarize the user with the manual itself, it contains an introduction with explanations, the approach to IT baseline protection, a series of concept and role definitions, and a glossary. From Wikipedia, the aktaloge encyclopedia. The text follows the facts of the life cycle in question and includes planning and design, acquisition if necessaryrealization, operation, selection if necessaryand preventive measures.

The component number is composed of grundschhtz layer number in which the component is located and a unique number within the layer. In this way, a security level can be achieved, viewed as adequate in most cases, and, consequently, replace the more expensive risk assessment.

Category A measures for the entry point into the subject, B measures expand katapoge, and category C is ultimately necessary for baseline protection certification.

The component catalogs, threat catalogs, and the measures catalogs follow these introductory sections. Baseline protection can only be ensured if all measures are realized.

During realization of measures, personnel should verify whether adaptation to the operation in question is necessary; any deviations from the initial measures should be documented for future reference. BundesanzeigerCologne In this way, a network of individual components arises in the baseline protection catalogs.

After a complete depiction, individual measures are once again collected into a list, which is arranged according to the measures catalog’s grundxchutz, rather than that of the life cycle. An itemization of individual threat sources ultimately follows.

IT Baseline Protection Catalogs

By using this site, you agree to the Terms of Use and Privacy Policy. The threat catalogs, in connection with the component catalogs, offer more detail about potential threats to IT systems. Here you can also find the Baseline Protection Guide, containing support functions for implementing IT baseline protection in procedural detail.

In the process, classification of measures into the categories A, B, C, and Z is undertaken.

Finally, examples grundschuzt damages that can be triggered by these threat sources are given. In many areas, IT- Grundschutz even provides advice for IT systems and applications requiring a high level of protection. Baseline protection does, however, demand an understanding of the measures, as well as the vigilance of management.


You will find in the IT- Grundschutz Catalogues the modules, threats and safeguards.

IT- Grundschutz The aim of IT- Grundschutz is to achieve an appropriate security level for all types of information of an organisation. Finally, a serial number within the layer identifies the element.

If notability cannot be established, the article is likely to be mergedredirectedor deleted.

CRISAM BSI und GSTOOL Knowledge Pack | Crisam

However, the cross-reference tables only cite the most important threats. Each measure is named and its degree of realization determined. The detection and assessment of weak points in IT systems often occurs by way of a risk assessmentwherein a threat potential is assessed, and the costs of damage to the system or group of similar systems are investigated individually.

In the process, layers are used for structuring individual measures groups.

The conclusion consists of a cost assessment. This publication does not intend to make managers into security experts. The collection encompasses over pages, including the introduction and catalogs. The fifth within that of the applications administrator and the IT user, concerning software like database management systemse-mail and web servers.

The component catalog is the central element, and contains the following five layers: Finally, the realization is terminated and a manager is named. Individual threat sources are described briefly.