IT-Grundschutz: Two-Tier Risk Assessment for a Higher Efficiency in IT Security Management

  • Angelika Jaschob
  • Lydia Tsintsifa


Using the pragmatic two-tier risk assessment and management approach of IT-Grundschutz helps organisations to optimise the effort spent on the IT security management process as well as to meet the requirements of ISO/IEC 27001.


Keywords: Target Object, Information Security, Security Measure, Security Management, Audit Report
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden 2006

Authors and Affiliations

  • Angelika Jaschob (1)
  • Lydia Tsintsifa (1)
  1. Bundesamt für Sicherheit in der Informationstechnik, Germany
