BSI IT-Grundschutz

The BSI IT-Grundschutz¹ is a comprehensive methodology for implementing and managing information security management systems (ISMS). Its systematic approach covers organizational, personell and infrastructural aspects of information security and is fully compatible with the ISO/IEC 27001 standard.

To support establishing ISMS in organizations, the BSI provides a series of standards:

• BSI-Standard 200-1
• BSI-Standard 200-2
• BSI-Standard 200-3

These serve as a foundation upon which organizations can certify their ISMS in accordance with ISO/IEC 27001.

In addition to the standards, the BSI provides a IT-Grundschutz Compendium.

---

Footnotes

1. https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz_node.html (retrieved 23.05.2025) ↩