The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge are a collection of documents from the German Federal Office for Security in Information. @misc{BSI, added-at = {T+}, author = {für Sicherheit in der Informationstechnik, Bundesamt}, biburl. IT-Grundschutz-Kataloge. 2 likes. Book. IT-Grundschutz-Kataloge. Book. 2 people like this topic. Want to like this Page? Sign up for Facebook to get started.

Author: Sajas Jugis
Country: Chile
Language: English (Spanish)
Genre: Spiritual
Published (Last): 18 October 2012
Pages: 261
PDF File Size: 2.66 Mb
ePub File Size: 18.34 Mb
ISBN: 565-7-92584-191-2
Downloads: 89155
Price: Free* [*Free Regsitration Required]
Uploader: Gaktilar

Measures, as well as threats, are cited with mnemonics. Retrieved from ” https: The collection encompasses over pages, including the introduction and catalogs. In this way, a security level can be achieved, viewed as grundschut in most cases, and, consequently, replace the more expensive risk assessment.

Category Z measures any additional measures that have proven themselves in practice. They summarize the measures and most important threats for individual components.

Managers katzloge initially named to initiate and realize the measures in the respective measures description. From Wikipedia, the free encyclopedia.

The forms provided serve to remedy protection needs for certain IT system components.

BSI – IT-Grundschutz

Articles with topics of unclear notability from October All articles with topics of unclear notability. IT baseline protection protection encompasses standard security measures for typical IT systems, with normal protection needs. Each measure is named and its degree of realization determined. The detection and assessment of weak points in IT systems often occurs by way of a risk assessmentwherein a threat potential is assessed, and the costs of damage to the system or group of similar systems are investigated individually.


Baseline protection can only be ensured if all measures are realized. Individual threat sources are described briefly.

Languages Deutsch Italiano Edit links. An Overview you will find in the Decision Guide for Managers. During realization of measures, personnel should verify whether adaptation to the operation in question is necessary; any deviations from the initial measures grundschuyz be documented for future reference.

By using this site, you agree to the Terms of Use and Privacy Policy. Each catalog element is identified by an individual mnemonic laid out according to the following scheme the ,ataloge groups are named first.

BSI – IT-Grundschutz Catalogues

It is not necessary to work through them to establish baseline protection. To keep each component as compact as possible, global aspects are collected in one component, while more specific information is collected into a second. In the process, classification of measures into the categories A, B, C, and Z is undertaken. The first layer is addressed to managementincluding personnel and outsourcing. Through proper application of well-proven technical, organisational, kt, and infrastructural safeguards, grundschugz security level is reached that is suitable and adequate to protect business-related information having normal protection requirements.

Measures are cited with a priority and a classification.

CRISAM BSI und GSTOOL Knowledge Pack

The topic of this article may not meet Wikipedia’s general notability guideline. These threat catalogs follow the general layout in layers.


The component catalog is the central element, and contains the following five layers: Finally, the realization is terminated and a manager is named. This is followed by the layer number affected by the element.

A detailed description of the measures follows. An itemization of individual threat sources ultimately follows. A table summarizes the measures to be applied for individual components in this regard.

Bundesamt für Sicherheit in der Informationstechnik

These present supplementary information. Category A measures for the entry point into the subject, B measures expand this, and category C is ultimately necessary for baseline protection certification. Both components must be successfully implemented to guarantee the system’s security.

It serves as the basis for the IT baseline protection certification of an enterprise. In the example of an Apache web server, the general B 5. You will find in the IT- Grundschutz Catalogues the modules, grnudschutz and safeguards. The table contains correlations between measures and the threats they address. In cases in which security needs are greater, such protection can be used as a basis for further action.

IT Baseline Protection Handbook.

System administrators cover the third layer, looking at the characteristics of IT systems, including clientsservers and private branch exchanges or fax machines.