The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge are a collection of documents from the German Federal Office for Security in Information. @misc{BSI, added-at = {T+}, author = {für Sicherheit in der Informationstechnik, Bundesamt}, biburl. IT-Grundschutz-Kataloge. 2 likes. Book. IT-Grundschutz-Kataloge. Book. 2 people like this topic. Want to like this Page? Sign up for Facebook to get started.

Author: Yogrel Bragami
Country: Italy
Language: English (Spanish)
Genre: Software
Published (Last): 27 August 2004
Pages: 262
PDF File Size: 14.52 Mb
ePub File Size: 11.6 Mb
ISBN: 487-3-50729-797-6
Downloads: 26376
Price: Free* [*Free Regsitration Required]
Uploader: JoJok

In the example of an Apache web server, the general B 5. These present supplementary information. C stands for component, M for measure, and T for threat. An itemization of individual threat sources ultimately follows. Federal Office for Security in Information Technology, version.

Federal Office for Information Security (BSI)

Each measure is named and its degree of realization determined. You will find in the IT- Grundschutz Catalogues the modules, threats and safeguards.

Besides the forms, the cross-reference tables another useful supplement.

If the measure cited for a given threat is not applicable for the individual IT system, it is not superfluous. In the process, classification of measures into the categories A, B, C, and Z is undertaken.

The component catalogs, threat catalogs, and the measures catalogs follow these introductory sections. Each catalog element is identified by an individual mnemonic laid out according to the following scheme the catalog groups are named first.


CRISAM BSI und GSTOOL Knowledge Pack

Both components must be successfully implemented to guarantee the system’s security. If the measures’ realization is not possible, reasons for this are entered in the adjacent field for later traceability.

Please help to establish notability by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention.

In the process, layers are used for structuring individual measures groups. The necessary measures are presented in a text with short illustrations. The forms provided serve to remedy protection needs for certain IT system components. The respective grunxschutz or threats, which are grundschytz in the component, can also be relevant for other components.

IT Baseline Protection Catalogs – Wikipedia

The component catalog is the central element, and contains the following five layers: To keep each component as compact as possible, global aspects are collected in one component, while more specific information is collected into a second. Measures, as well as threats, are cited with mnemonics. These threat catalogs follow the general layout in layers.

Category Z measures any additional measures that have proven themselves in practice. IT baseline protection protection encompasses standard security measures for typical IT systems, with normal protection needs. Managers are initially named to initiate and realize the measures in the respective measures description.

The aim of IT- Grundschutz is to achieve an appropriate security level for all types of information of an organisation.

Related Articles  ALMASSAE.MA PDF

Instead, it presents the information that decision makers need to assess the topic of information security and possible courses of action, to ask their experts the right questions and to set objectives.

Degrees of realization, “considerable”, “yes”, “partial”, and “no”, are distinguished. The fifth within that of the applications administrator and the IT user, concerning software like database management systemse-mail and web servers.

To familiarize the user with the manual itself, it contains an introduction with explanations, the approach to IT baseline protection, a series of concept and role definitions, and a glossary. IT- Grundschutz The aim of IT- Grundschutz is to achieve an appropriate security level for all types of information of an organisation.

However, the cross-reference tables only cite the most important threats. Here you can also kt the Baseline Protection Guide, containing support functions for implementing IT baseline protection in procedural detail. The second is addressed to in-house technicians, regarding structural aspects in the infrastructure layer.

Articles with topics of unclear ktaaloge from October All articles with topics of unclear notability. Measures are cited with a priority and a classification.

IT- Grundschutz uses a holistic approach to this process.