Apr 22, 2019

BSI IT-Grundschutz: Meet 2019 Edition

Early this year, the Federal Office for Information Security (BSI, Germany) released a new revision of the IT-Grundschutz Compendium. This outstanding event did not pass unnoticed for Information Security professionals, especially across EU. Below we prepared a quick update for the audiences not too much familiar with the IT-Grundschutz basics.
Infopulse Standards Compliance Manager BSI IT-Grundschutz Compedium 2019
Infopulse SCM 5.0 supports BSI IT-Grundschutz 2019

The 2019 edition contains 94 modules, 14 of which are completely new ones. 25 modules have been substantially revised. Major novelties refer to Mobile applications, Cloud solutions, embedded systems, and extended platform support (MacOS, PBX, SAP, IBM Z, etc.).

What are the BSI standards?

The BSI standards provide recommendations on methods, processes, and procedures, as well as approaches and actions on different aspects of information security. Organizations can use BSI standards to make their operations, processes, and data safer.

  • The BSI standard 200-1 defines general requirements for an Information Security Management System (ISMS).
  • The BSI Standard 200-2 provides a foundation for building an ISMS based on IT-Grunschutz methodology.
  • The BSI Standard 200-3 covers risk-related issues. The standard provides a clear path to gear the IT-Grundschutz analysis to the risk assessment process.

New Modules of BSI IT-Grundschutz

The IT-Grundschutz Compendium 2019 contains 94 modules – blocks of recommendations covering specific information security areas. Following the holistic approach, the modules take into account technical, infrastructural, organizational and personnel aspects.

The new IT-Grundschutz modules appeared in the following sections

  • Applications: APP.1.4 Mobile Applications; APP.2.3 OpenLDAP; APP.4.2 SAP ERP System; APP.4.6 SAP ABAP Programming; APP.1.4 Mobile Applications; APP.2.3 OpenLDAP; APP.4.2 SAP ERP System; APP.4.6 SAP ABAP Programming.
  • Networks and communication:NET.4.1 PBXs; NET.4.2 VoIP; NET.4.3 Faxes and Fax Servers.
  • IT systems: SYS.1.7 IBM Z System; SYS.2.4 Clients under MacOS; SYS.3.3 Mobile Phone; SYS.4.3 Embedded Systems.
  • Industrial IT:IND.2.7 Safety Instrumented Systems;
  • Infrastructure:INF.6 Volume Archive;
  • Business:OPS.2.2 Cloud Usage.

Integration with automated solutions

Whatever the standards, their implementation is a highly time/resource-consuming task. Breaking down the silos and streamlining all compliance-related processes, automated solutions like Infopulse Standards Compliance Manager significantly reduce cost.

The recent Infopulse SCM 5.0 version integrates the updated IT-Grundschutz documentation. Besides a set of improved and added features, you will appreciate the opportunity of migrating to modernized IT-Grundschutz 2019.

Implementing IT-Grundschutz 2019 with Infopulse SCM

  • Build new concepts based on an IT-Grundschutz 2019
  • Migrate the existing security concept to the modernized IT-Grundschutz 2019
  • Get automatic updates of requirements and modules
  • Empower the security evaluation process with new modules
  • Use new roles to add flexibility to your ISMS 

Check out the new features with Infopulse SCM.

Request a demo

Request a Demo

Request an individual live demo to find out how Infopulse Standards Compliance Manager – an integrated information security management tool, can optimize and streamline your mission-critical business processes related to security governance, compliance and risk management specific to your industry.

Schedule your personal demo with our expert for a date and time that works best for you.

Contact form