*** Welcome to piglix ***

IT Baseline Protection Catalogs


The IT Baseline Protection Catalogs, or IT-Grundschutz-Kataloge, ("IT Baseline Protection Manual" before 2005) are a collection of documents from the German Federal Office for Security in Information Technology (BSI) that provide useful information for detecting weaknesses and combating attacks in the information technology (IT) environment (IT cluster). The collection encompasses over 3000 pages, including the introduction and catalogs. It serves as the basis for the IT baseline protection certification of an enterprise.

IT baseline protection (protection) encompasses standard security measures for typical IT systems, with normal protection needs.

The detection and assessment of weak points in IT systems often occurs by way of a risk assessment, wherein a threat potential is assessed, and the costs of damage to the system (or group of similar systems) are investigated individually. This approach is very time-intensive and very expensive.

Protection may rather proceed from a typical threat, which applies to 80% of cases, and recommend adequate countermeasures against it. In this way, a security level can be achieved, viewed as adequate in most cases, and, consequently, replace the more expensive risk assessment. In cases in which security needs are greater, such protection can be used as a basis for further action.

To familiarize the user with the manual itself, it contains an introduction with explanations, the approach to IT baseline protection, a series of concept and role definitions, and a glossary. The component catalogs, threat catalogs, and the measures catalogs follow these introductory sections. Forms and cross-reference tables supplement the collection available on the Federal Office for Security in Information Technology's (BSI) Internet platform. Here you can also find the Baseline Protection Guide, containing support functions for implementing IT baseline protection in procedural detail.

Each catalog element is identified by an individual mnemonic laid out according to the following scheme (the catalog groups are named first). C stands for component, M for measure, and T for threat. This is followed by the layer number affected by the element. Finally, a serial number within the layer identifies the element.


...
Wikipedia

...