How is the layer model (Schichtenmodell) of the IT-Grundschutz-Kompendium structured?
Ten block families in two groups: process blocks (ISMS, ORP, CON, OPS, DER) and system blocks (IND, APP, SYS, NET, INF) — a "function-oriented" structure.
* The Schichtenmodell — process Bausteine (ISMS, ORP, CON, OPS, DER) and system Bausteine (IND, APP, SYS, NET, INF), with each Baustein decomposing into sub-Bausteine (e.g. SYS → SYS.1 Server → SYS.1.1 General server). *
The block families:
Process blocks (Prozess-Bausteine) — organizational/overarching:
| Code | Meaning |
|---|---|
| ISMS | Security management |
| ORP | Organization & personnel |
| CON | Concepts & procedures |
| OPS | Operational security aspects |
| DER | Detection & reaction (to security incidents) |
System blocks (System-Bausteine) — concrete technology:
| Code | Meaning |
|---|---|
| IND | Industrial IT (SCADA etc.) |
| APP | Applications |
| SYS | IT systems and components |
| NET | Networks |
| INF | Physical security / infrastructure |
The old catalogs were system-oriented; the new model is function-oriented: overarching/process aspects are separated from systems, and responsibilities are bundled — another deliberate step toward the structure of ISO 27001.
Tip: Mnemonic for the process side: "ISMS ORganizes CONcepts, OPerates, DEtects & Reacts."
Go deeper:
Lerneinheit 5.2: Schichtenmodell (BSI Online-Kurs) — Erklärt die Prozess- und System-Bausteinfamilien des Schichtenmodells.
IT-Grundschutz-Kompendium (BSI) — Originalstruktur der zehn Schichten und Bausteine.