The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge, are a collection of documents from the German Federal Office for Security in Information.

Author: Maurr Goltiktilar
Country: Denmark
Language: English (Spanish)
Genre: Education
Published (Last): 19 February 2018
Pages: 116
ISBN: 417-5-28587-354-2

The respective measures or threats, which are introduced in the component, can also be relevant for other components. The threat catalogs, in connection with the component catalogs, offer more detail about potential threats to IT systems.


In the process, layers are used for structuring individual measures groups. Each catalog element is identified by an individual mnemonic laid out according to the following scheme (the catalog groups are named first). During realization of measures, personnel should verify whether adaptation to the operation in question is necessary; any deviations from the initial measures should be documented for future reference.

The given threat situation is depicted after a short description of the component examining the facts. Individual threat sources are described briefly. Category Z measures are any additional measures that have proven themselves in practice.

Measures are cited with a priority and a classification.


Each individual component follows the same layout. Finally, examples of damages that can be triggered by these threat sources are given. This publication does not intend to make managers into security experts. IT baseline protection encompasses standard security measures for typical IT systems with normal protection needs.

IT Baseline Protection Catalogs

The second is addressed to in-house technicians, regarding structural aspects in the infrastructure layer. Each measure is named and its degree of realization determined.

The aim of IT-Grundschutz is to achieve an appropriate security level for all types of information of an organisation. C stands for component, M for measure, and T for threat.

The text follows the facts of the life cycle in question and includes planning and design, acquisition (if necessary), realization, operation, selection (if necessary), and preventive measures.

Federal Office for Information Security (BSI)

Partitioning into layers clearly isolates personnel groups impacted by a given layer from the layer in question. The forms provided serve to remedy protection needs for certain IT system components. The table contains correlations between measures and the threats they address. System administrators cover the third layer, looking at the characteristics of IT systems, including clients, servers and private branch exchanges or fax machines.

A detailed description of the measures follows. They summarize the measures and most important threats for individual components. Degrees of realization, “considerable”, “yes”, “partial”, and “no”, are distinguished. According to the BSI, the knowledge collected in these catalogs is not necessary to establish baseline protection. This is followed by the layer number affected by the element. In this way, a network of individual components arises in the baseline protection catalogs.


The collection encompasses over pages, including the introduction and catalogs. You will find an overview in the Decision Guide for Managers.


Finally, a serial number within the layer identifies the element. The measures catalogs summarize the actions necessary to achieve baseline protection; measures appropriate for several system components are described centrally. The component catalogs, threat catalogs, and the measures catalogs follow these introductory sections. After a complete depiction, individual measures are once again collected into a list, which is arranged according to the measures catalog’s structure, rather than that of the life cycle.

Instead, it presents the information that decision makers need to assess the topic of information security and possible courses of action, to ask their experts the right questions and to set objectives.

Through proper application of well-proven technical, organisational, personnel, and infrastructural safeguards, a security level is reached that is suitable and adequate to protect business-related information having normal protection requirements.

Author: admin