The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge are a collection of documents from the German Federal Office for Security in Information. @misc{BSI, added-at = {T+}, author = {für Sicherheit in der Informationstechnik, Bundesamt}, biburl. IT-Grundschutz-Kataloge. 2 likes. Book. IT-Grundschutz-Kataloge. Book. 2 people like this topic. Want to like this Page? Sign up for Facebook to get started.

Author: Dozilkree Moogurn
Country: Sri Lanka
Language: English (Spanish)
Genre: Love
Published (Last): 18 November 2005
Pages: 453
PDF File Size: 5.71 Mb
ePub File Size: 3.4 Mb
ISBN: 703-1-44018-120-3
Downloads: 90163
Price: Free* [*Free Regsitration Required]
Uploader: Gazahn

Category Z measures any additional measures that have proven themselves in practice. The forms provided serve to remedy protection needs for certain IT system components. Each measure is named and its degree of realization ig. The following layers are formed: In this way, a network of individual components arises in the baseline protection catalogs. The topic of this article may not meet Wikipedia’s general notability guideline.

Measures are cited with a priority and a classification. Retrieved from ” https: Views Read Edit View history. Degrees of realization, “considerable”, “yes”, “partial”, and “no”, are distinguished.

The detection and assessment of weak points in IT systems often occurs by way of a risk assessmentwherein a threat potential is assessed, and the costs of damage to the system or group of similar systems are investigated individually. BundesanzeigerCologne The collection encompasses over pages, including the introduction and catalogs. Category A measures for the entry point into the subject, B measures expand this, and category C is ultimately necessary for baseline protection certification.

IT Baseline Protection Handbook. To familiarize the user with the manual itself, it contains an introduction with explanations, the approach to IT grundscchutz protection, a series of concept and role definitions, and a glossary.

In this way, a security level can grundschuyz achieved, viewed as adequate in most cases, and, consequently, replace the more expensive risk assessment. Each catalog element is identified by an individual mnemonic laid out according to the following scheme the catalog groups are named first.


Both components must be successfully implemented to guarantee the system’s security. The fourth layer falls within the network administrators task area. After a complete depiction, individual measures are once again collected into a list, which is arranged according to the measures catalog’s structure, rather than that of the life cycle.

The conclusion consists of a cost assessment. A table summarizes the measures to be applied for individual components in this regard.

CRISAM BSI und GSTOOL Knowledge Pack | Crisam

This is followed by the layer number affected by the element. Please help to establish notability by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention.

Individual threat sources are described briefly. Finally, a serial number within the layer identifies the element. Partitioning into layers clearly isolates personnel groups impacted by a given layer from the layer in question. Managers are initially named to initiate and realize the measures in the respective measures description.

Federal Office for Information Security (BSI)

The table contains correlations between measures and the threats they address. The given threat situation is depicted after a short description of the component examining the facts.

According to the BSI, the knowledge collected in these catalogs is not necessary to establish baseline protection. Baseline protection can only be ensured if all measures are realized. Articles with topics of unclear notability from October All articles with topics of unclear notability.

Measures, as well yrundschutz threats, are cited with mnemonics. grundschurz

Baseline hrundschutz does, however, demand an understanding of the measures, as well as the vigilance of management. Federal Office for Security in Information Technology, version.


The threat catalogs, in connection with the component catalogs, offer more detail about potential threats to IT systems. By using this site, you agree to the Terms of Use and Privacy Policy. You will find in the IT- Grundschutz Catalogues the modules, threats and safeguards.

To keep each component as compact as possible, global aspects are collected in one component, while more specific information is collected into a second. Grjndschutz proper application of well-proven technical, organisational, personnel, and infrastructural safeguards, a security level is grunxschutz that is suitable and adequate to protect business-related information having normal protection requirements.

If the measures’ realization is not possible, reasons for this are entered in the adjacent field for later traceability. These threat catalogs follow the general layout in layers.

BSI-Grundschutz Katalog | BibSonomy

IT baseline protection protection encompasses standard security measures for typical IT systems, with normal protection needs. Here you can also find the Baseline Protection Guide, containing support functions for implementing IT baseline protection in procedural detail. They summarize the measures and most important threats for individual components. IT- Grundschutz The aim of IT- Grundschutz is to achieve an appropriate security level for all types of information of an organisation.

Federal Office for Security in Information Technology. The component number is composed of the layer number in which the component is located and a unique number within the layer. An itemization of individual threat sources ultimately follows. A detailed description of the measures follows.

C stands for component, M for measure, and T for threat.

Author: admin