“IT-Grundschutz” as the basis for comprehensive information security


With the basic IT protection standard, the so-called “IT-Grundschutz”, the Federal Office for Information Security (BSI) has developed an easy-to-use and fit-for-purpose approach to fulfil the requirements of ISO 27001.

TÜViT has successfully completed more than 700 ISMS projects – according to ISO/IEC 27001:2013 as well as under the “BSI IT-Grundschutz”. For more than 10 years, we have been supporting organizations seeking ISMS (Information Security Management System) certification according to ISO 27001 using the “IT-Grundschutz methodology”.


“IT-Grundschutz” from the BSI

The “IT-Grundschutz” standard from the BSI provides a “best practice” approach to the development of an information security management system (ISMS), by means of specifying security measures that tackle the existing threats.

In this respect, the “IT-Grundschutz” standard goes beyond ISO 27001: while the ISO standard is aligned with business processes, the “BSI IT-Grundschutz” is more technically oriented. It describes in detail how organizations can reduce their risks. The so-called “IT-Grundschutz methodology” is highly compatible with ISO 27001 and other standards included in ISO 27000ff.

What are some arguments in favor of certification under ISO 27001 based on the “BSI IT-Grundschutz” standard?

With a certification under ISO 27001 based on the “BSI IT-Grundschutz” standard, you show your customers and business partners the importance you attach to IT security, since the level of your information security fulfills the requirements of the BSI. The certification ensures that the information and data of an organization, as well as its IT processes, are more secure and reliable. This also reduces the risk of business processes and activities being impaired or even interrupted by IT outages.

TÜViT has been performing audits according to ISO 27001 based on the “BSI IT-Grundschutz” standard for more than 10 years. As a certified IT security service provider for “IS consulting and IS revision as well as penetration tests” by the German Federal Office of Information Security (BSI), TÜViT has the necessary level of trustworthiness and skills to perform corresponding audits that cover both standards.

Our services at a glance

  • on-site IT security inspection, performed as quick security check or “IT-Grundschutz” assessment
  • analysis and assessment of the management of information security according to the “BSI IT-Grundschutz” standard
  • gap analysis
  • ISMS assessments by licensed and experienced ISMS auditors
  • risk assessments
  • ISMS audit according to “IT-Grundschutz”
  • integration of information security management into existing structures and processes
  • support with process conformity
  • supporting ISO 27001 certification based on “IT-Grundschutz”
  • ISMS coaching and project supervision
  • support with the development of an information security process
  • supplier audits
  • expert training courses on “IT-Grundschutz”

Your benefits at a glance

  • comprehensive experience in the field of ISO 27001 based on the “BSI IT-Grundschutz” standard: TÜViT has successfully completed more than 600 ISMS projects
  • sustained protection of your information, data, IT and business processes
  • certification according to the international standard ISO 27001 and “IT-Grundschutz”
  • you benefit from the extremely practice-oriented and detailed requirements of “IT-Grundschutz”
  • proof of confidence and compliance to customers and business partners
  • proof of integrated information security to customers and business partners
  • when recommending security measures, TÜViT ensures a balanced cost-benefit ratio
  • excellently trained and experienced auditors
  • extensive experience of TÜViT experts, including in business security, cloud security, cyber security, industrial control systems (ICS) and smart energy

ISMS based on the “BSI IT-Grundschutz” standard secures your business and generates confidence on the market.

Gerald Krebs

Global Account Manager

+49 201 8999-411
Fax: +49 201 8999-666


Alexander Padberg

Sales Manager

+49 201 8999-614
Fax: +49 201 8999-666

Further services

ISO 27001

As a certified IT security service provider by the German Federal Office of Information Security (BSI), TÜViT supports companies and public authorities with the planning, implementation, monitoring and continuous improvement of their information security management system.

ISMS for the Energy Industry

TÜViT supports grid operators with the rollout of their ISMS according to ISO 27001, taking into account ISO 27019.


TÜViT supports customers through all project phases when introducing the TISAX standard: from assessing the current state of their ISMS to equipping them with means to handle all TISAX-related issues within their own organization.