Skip to content

DN-Systems

Sections
Personal tools
You are here: Home » Policy » GSHB » IT Baseline Protection Manual » IT Baseline Protection Manual » IT Baseline Protection Manual
Languages
 

IT Baseline Protection Manual

An IT baseline security concept does not build on a detailed risk analysis. Instead this approach is based on generic threats without consideration of individual cost per incident or the probability of a certain incident to occur at all.

There are three protection requirement categories. By choosing from these categories as defined in the Baseline Security Guide (“IT Grundschutz Handbuch”) the appropriate technical and organizational measures can be taken. However, the protection provided by this approach is limited.

    Steps in the baseline security process:
  • Definition of scope
  • Analysis of IT infrastructure
  • Estimating security requirements
  • Performing basic security checks
  • Implementation of baseline security measures
In summary the booklet “IT Baseline Protection Manual” (“IT Grundschutzhandbuch”) by BSI offers a recipe for achieving medium protection from generic threats in information technology. This approach also considers implementation costs. However, the technical expertise for a detailed risk analysis is not required .

References

IT Baseline Protection Manual (eng)
IT-Grundschutz - die Basis für IT-Sicherheit (ger)
Created by lukas
Last modified 2005-10-17 02:31 AM
« November 2008 »
Su Mo Tu We Th Fr Sa
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30            
 
 
Powered by Plone

This site conforms to the following standards: