“IT-Grundschutz” as the basis for comprehensive information security

Do you have any questions or comments? Contact us!
Contact us now!

With the basic IT protection standard, the so-called “IT-Grundschutz”, the Federal Office for Information Security (BSI) has developed an easy-to-use and fit-for-purpose approach to fulfil the requirements of ISO 27001.

TÜVIT has successfully completed more than 700 ISMS projects – according to ISO/IEC 27001:2013 as well as under the “BSI IT-Grundschutz”. We have been supporting organizations willing to achieve the ISMS (Information Security management System) certification according to ISO 27001 by using the “IT-Grundschutz methodology” for more than 10 years.


“IT-Grundschutz” from the BSI

The “IT-Grundschutz” standard from the BSI provides a “best practice” approach to the development of an information security management system (ISMS), by means of specifying security measures that tackle the existing threats.

In this, the “IT-Grundschutz” standard goes beyond the ISO 27001: while the ISO standard is aligned with business processes, the “BSI IT-Grundschutz” is more technically oriented. It describes in detail how organizations can reduce their risks. The so-called “IT-Grundschutz methodology” provides an excellent compatibility with ISO 27001 and other standards included in ISO 27000ff.

What are some arguments in favor of certification under ISO 27001 based on the “BSI IT-Grundschutz” standard?

With a certification under ISO 27001 based on the “BSI IT-Grundschutz” standard, you show your customers and business partners the importance you associate with IT security, since the level of your information security fulfills the requirements of the BSI. The certification ensures that the information and the data of an organization, as well as its IT processes are more secure and reliable. This also reduces the risk of business processes and activities being impaired or even interrupted by IT outages.

TÜVIT has been performing audits according to ISO 27001 based on the “BSI IT-Grundschutz” standard for more than 10 years. As a certified IT security service provider "IS revision as well as penetration tests” by the German Federal Office of Information Security (BSI), TÜVIT has the necessary level of trustworthiness and skills to perform corresponding audits that cover both standards.

Our services at a glance

  • on-site IT security inspection, performed as quick security check or “IT-Grundschutz” assessment
  • analysis and assessment of the management of information security according to the “BSI IT-Grundschutz” standard
  • gap analysis
  • ISMS assessments by licensed and experienced ISMS auditors
  • risk assessments
  • ISMS audit according to “IT-Grundschutz”
  • integration of information security management into existing structures and processes
  • supplier audits

Your benefits at a glance

  • comprehensive experience in the field of ISO 27001 based on the “BSI IT-Grundschutz” standard: TÜVIT has successfully completed more than 600 ISMS projects
  • sustained protection of your information, data, IT and business processes
  • certification according to the international standard ISO 27001 and “IT-Grundschutz”
  • you benefit from the extremely practice-oriented and detailed requirements of “IT-Grundschutz”
  • proof of confidence and compliance to customers and business partners
  • proof of an integrated information security to customers and business partners
  • excellently trained and experienced auditors
  • extensive experience of TÜVIT experts, including in business security, cloud security, cyber security, industrial control systems (ICS) and smart energy