IT-Grundschutz-Kompendium
Our glossary explains basic terms and abbreviations relating to mobile working, the use of smartphones and tablets in the corporate environment (Enterprise Mobility) and security aspects in the use of mobile devices.
IT-Grundschutz-Kompendium
BSI publication
The IT-Grundschutz-Kompendium (“IT basic protection compendium”) is a publication of the German Federal Office for Information Security (BSI).
Published since 2018, the IT-Grundschutz-Kompendium is the fundamental publication for so-called IT-Grundschutz (“IT basic protection”), an approach developed by the BSI for identifying and implementing IT security measures. The IT-Grundschutz-Kompendium is divided into “building blocks”, which in turn consist of “layers”.
Structure of the IT “Grundschutz” compendium
- ISMS: Security management
- ORP: Organization and personnel
- CON: Concept and procedure
- OPS: Operation
- DER: Detection and response
- APP: Applications
- SYS: IT Systems
- IND: Industrial IT
- NET: Networks and Communication
- INF: Infrastructure
The 2019 edition of the IT-Grundschutz Compendium was released on February 18, 2019, and contains a total of 14 new IT-Grundschutz building blocks, which, with the 80 IT-Grundschutz building blocks from the 2018 edition, now bring the total to 94 building blocks. Of the 80, 36 building blocks have been revised for the 2019 edition.
Since 2018, the IT-Grundschutz-Kompendium has served as the test basis for ISO 27001 certifications based on IT basic protection.
IT-Grundschutz-Kompendium and enterprise mobility
With regard to mobile security issues, the sections on mobile app security (APP 1.4—Mobile application [apps]) and smartphones and tablets (SYS.3.2.1—General smartphones and tablets) are particularly relevant.
IT-Grundschutz-Kompendium: Weblinks
- official website
- IT-Grundschutz-Kompendium_(BSI)_2023 (PDF | 5,4 MB)
- Bundesamt für Sicherheit in der Informationstechnik (BSI)
