Germany
IT-Grundschutz workbook

To help organizations secure IT systems, the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, or BSI) created a baseline set of standards for protecting information technology (in German, IT-Grundschutz).

The Germany IT-Grundschutz workbook, provided by the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), is a comprehensive guide for achieving a high standard of IT security within organizations. It is a part of the BSI Standards series and is designed to be a practical and detailed methodology for establishing, maintaining, and improving an information security management system (ISMS). The IT-Grundschutz approach is well-respected and recognized for its depth and thoroughness, providing step-by-step guidance and best practices.

This workbook includes various modules that address specific aspects of IT security. It encompasses risk analysis, baseline protection concepts, and detailed modules that cover every aspect of IT systems, from network infrastructure to application security. The IT-Grundschutz methodology goes beyond the general requirements of ISO 27001, offering a more granular set of controls and measures. These are aimed at providing a tailored security strategy that aligns with the specific needs and risk profile of an organization. The workbook is regularly updated to respond to new security challenges and to integrate the latest best practices in IT security.