← Frameworks / Security Framework

BSI IT-Grundschutz Compendium

Comprehensive German cybersecurity methodology from the Federal Office for Information Security (BSI). Covers 111 modules across process, system, network, application, infrastructure, operations, and detection/response layers. Widely adopted across German government, critical infrastructure, and enterprise.

Clauses: 30

Avg Coverage: 86.0%

Publisher: Bundesamt fur Sicherheit in der Informationstechnik (BSI) Version: 2023

BSI IT-Grundschutz → SP 800-53 SP 800-53 → BSI IT-Grundschutz Coverage Analysis

Clause	Title	SP 800-53 Controls
APP.1.1	Office Products	CM-06 CM-07 SI-03 SC-18 SC-44
APP.3.1	Web Applications and Web Services	SA-11 SC-07 SI-10 SC-08 SA-23 SI-21
CON.1	Crypto Concept	SC-12 SC-13 SC-28 SC-08 SC-38
CON.2	Privacy	PT-01 PT-02 PT-03 PT-04 PT-05 PT-06 PT-07 PT-08 PM-25 PM-26 PM-27 SI-18 SI-19
CON.3	Data Backup	CP-09 CP-06
CON.6	Deletion and Destruction	MP-06 MP-08 SI-12 SI-18
CON.7	Information Security on Business Trips	AC-17 AC-19 PE-17 SC-28 SC-42
DER.1	Detection of Security-Relevant Events	SI-04 AU-06 CA-07 IR-05 SC-48 SI-20
DER.2.1	Incident Management	IR-01 IR-04 IR-05 IR-06 IR-08 IR-09
DER.4	Business Continuity Management	CP-01 CP-02 CP-03 CP-04 CP-05 CP-06 CP-07 CP-08 CP-09 CP-10 CP-11 CP-12 CP-13 SI-13
INF.1	Building	PE-01 PE-02 PE-03 PE-04 PE-05 PE-06 PE-07 PE-08 PE-09 PE-10 PE-11 PE-12 PE-13 PE-14 PE-15 PE-16 PE-17 PE-18 PE-21 PE-22 PE-23
INF.2	Data Centre	PE-01 PE-02 PE-03 PE-04 PE-05 PE-06 PE-07 PE-08 PE-09 PE-10 PE-11 PE-12 PE-13 PE-14 PE-15 PE-16 PE-17 PE-18 PE-21 PE-22 PE-23
ISMS.1	Security Management	PM-01 PM-02 PM-03 PM-09 PM-06 PL-09 PL-10 PL-11
NET.1.1	Network Architecture and Design	SC-07 PL-08 SC-32 AC-04 SC-46 SC-47
NET.1.2	Network Management	CM-06 CM-07 CM-02 SC-07 CM-12
NET.3.1	Router and Switches	CM-06 CM-07 SC-07 CM-02 CM-14 SC-41
OPS.1.1.2	Proper IT Administration	AC-02 AC-05 AC-06 CM-03 CM-05 PS-09
OPS.1.1.3	Patch and Change Management	CM-03 CM-04 CM-14 SI-02
OPS.1.1.4	Protection Against Malware	SI-03 SI-08 SI-16 SC-44
OPS.1.1.5	Logging	AU-01 AU-02 AU-03 AU-04 AU-05 AU-06 AU-07 AU-08 AU-09 AU-10 AU-11 AU-12 SI-20
OPS.1.1.6	Software Testing	SA-11 CM-04 SA-20
OPS.1.2.4	Telecommuting	AC-17 PE-17 SC-28 SC-42
OPS.1.2.5	Remote Maintenance	MA-04 MA-07
ORP.1	Organisation	PM-01 PM-02 PL-01 AC-05 PL-09
ORP.2	Personnel	PS-01 PS-02 PS-03 PS-04 PS-05 PS-06 PS-07 PS-08 PS-09 AT-01 AT-02 AT-03 AT-04 PM-13
ORP.3	Awareness and Training	AT-01 AT-02 AT-03 AT-04 AT-06 PM-13 PM-14
ORP.4	Identity and Access Management	AC-01 AC-02 AC-03 AC-04 AC-05 AC-06 AC-07 AC-08 AC-09 AC-10 AC-11 AC-12 AC-13 AC-14 AC-15 AC-16 AC-17 AC-18 AC-19 AC-20 AC-21 AC-22 AC-23 AC-24 AC-25 IA-01 IA-02 IA-03 IA-04 IA-05 IA-06 IA-07 IA-08 IA-09 IA-10 IA-11 IA-12
ORP.5	Compliance Management	CA-02 CA-09 PM-01 PL-04 SA-04
SYS.1.1	General Server	CM-02 CM-06 CM-07 SI-02 AC-03 CM-14 SI-16
SYS.2.1	General Client	CM-02 CM-06 CM-07 SI-02 AC-03 SC-28 SC-42 SI-16