What is BSI IT-Grundschutz?
IT-Grundschutz is the methodology of the German Federal Office for Information Security (BSI). It provides a structured baseline of security requirements organised into Bausteine (building blocks) that cover the whole organisation, from management to technical systems.
It is widely used by German public and private organisations and aligns naturally with ISO 27001: an organisation can even obtain an ISO 27001 certificate on the basis of IT-Grundschutz.
IT-Grundschutz Baustein layers
ISMS & ORP
CON & OPS
DER
APP, SYS, NET, INF, IND
BSI IT-Grundschutz with ResiPlan
ResiPlan includes a structured IT-Grundschutz baseline and runs a maturity GAP analysis with evidence, so German entities can track and prove their posture.
Cross-mapping links IT-Grundschutz to ISO 27001 and NIS2 — assess once and reflect your compliance across all three.
Frequently asked questions
What is BSI IT-Grundschutz?
A German security baseline from the BSI, organised into Bausteine (building blocks) across process and system layers, widely used for NIS2 and ISO 27001 alignment.
How does IT-Grundschutz relate to ISO 27001?
IT-Grundschutz is compatible with ISO 27001 and can lead to certification 'on the basis of IT-Grundschutz'. ResiPlan cross-maps the two.