Quiz Entry - updated: 2026.07.14
How does the German document classification differ from the anglo-american one?
German: Politik → Konzept → Regelwerk → Aufzeichnungen. Anglo-american: EISP → ISSP → SysSP → Guidelines. Same cascade idea, different cut.
* German (by abstraction) vs anglo-american (by scope) — the two cascades aligned layer by layer. *
| German layer | Closest anglo-american equivalent |
|---|---|
| Politik | EISP — Enterprise Information Security Policy |
| Konzept | ISSP — Issue-Specific Security Policy (+ concepts) |
| Regelwerk | SysSP — System-Specific Security Policy |
| Aufzeichnungen | (operational documentation — not a policy type) |
| — | Guidelines — non-binding recommendations |
Differences worth knowing:
- The English split classifies by scope (whole enterprise → issue → system); the German pyramid classifies by abstraction level (politics → concept → rules → records)
- The German model explicitly includes Aufzeichnungen (records/evidence) as a layer; the English model instead distinguishes binding policies from non-binding guidelines
Tip: Vocabulary trap — German "Richtlinie" is usually binding (more like a policy), while English "guideline" is non-binding advice. Translating them 1:1 causes real governance accidents.