[Blog] BSI IT-Grundschutz: Meet 2019 Edition
The 2019 edition contains 94 modules, 14 of which are completely new ones. 25 modules have been substantially revised. Major novelties refer to Mobile applications, Cloud solutions, embedded systems, and extended platform support (MacOS, PBX, SAP, IBM Z, etc.).
What are the BSI standards?
The BSI standards provide recommendations on methods, processes, and procedures, as well as approaches and actions on different aspects of information security. Organizations can use BSI standards to make their operations, processes, and data safer.
- The BSI standard 200-1 defines general requirements for an Information Security Management System (ISMS).
- The BSI Standard 200-2 provides a foundation for building an ISMS based on IT-Grunschutz methodology.
- The BSI Standard 200-3 covers risk-related issues. The standard provides a clear path to gear the IT-Grundschutz analysis to the risk assessment process.
New Modules of BSI IT-Grundschutz
The IT-Grundschutz Compendium 2019 contains 94 modules – blocks of recommendations covering specific information security areas. Following the holistic approach, the modules take into account technical, infrastructural, organizational and personnel aspects.
The new IT-Grundschutz modules appeared in the following sections
- Applications: APP.1.4 Mobile Applications; APP.2.3 OpenLDAP; APP.4.2 SAP ERP System; APP.4.6 SAP ABAP Programming; APP.1.4 Mobile Applications; APP.2.3 OpenLDAP; APP.4.2 SAP ERP System; APP.4.6 SAP ABAP Programming.
- Networks and communication:NET.4.1 PBXs; NET.4.2 VoIP; NET.4.3 Faxes and Fax Servers.
- IT systems: SYS.1.7 IBM Z System; SYS.2.4 Clients under MacOS; SYS.3.3 Mobile Phone; SYS.4.3 Embedded Systems.
- Industrial IT:IND.2.7 Safety Instrumented Systems;
- Infrastructure:INF.6 Volume Archive;
- Business:OPS.2.2 Cloud Usage.
Integration with automated solutions
Whatever the standards, their implementation is a highly time/resource-consuming task. Breaking down the silos and streamlining all compliance-related processes, automated solutions like Infopulse Standards Compliance Manager significantly reduce cost.
The recent Infopulse SCM 5.0 version integrates the updated IT-Grundschutz documentation. Besides a set of improved and added features, you will appreciate the opportunity of migrating to modernized IT-Grundschutz 2019.
Implementing IT-Grundschutz 2019 with Infopulse SCM
- Build new concepts based on an IT-Grundschutz 2019
- Migrate the existing security concept to the modernized IT-Grundschutz 2019
- Get automatic updates of requirements and modules
- Empower the security evaluation process with new modules
- Use new roles to add flexibility to your ISMS
Effective and easy-to-use IT security management system based on the latest standards and regulations — from planning and establishing the security concept to certification.