LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the three protection-need categories recommended by IT-Grundschutz?

Normal (limited, manageable damage), hoch (considerable damage), sehr hoch (existentially threatening, catastrophic damage).

Three stacked protection-need categories normal, hoch, sehr hoch with damage levels.

* The three Schutzbedarf categories — normal, hoch, sehr hoch — by maximum damage and the analysis each triggers. *

The categories are defined by the maximum damage and consequential damage that could result from a loss of confidentiality, integrity, or availability:

Category Damage level
Normal (niedrig bis mittel) Limited and manageable (begrenzt und überschaubar)
Hoch (high) Considerable damage possible (beträchtlich)
Sehr hoch (very high) Existentially threatening, catastrophic damage possible

Consequences for the methodology (interpretation of results):

  • Normal → standard security measures (Grundschutz) suffice
  • Hoch → standard measures + possibly a supplementary security analysis
  • Sehr hoch → standard measures + mandatory supplementary security analysis

Tip: Only three categories on purpose — finer scales create endless debates about category boundaries while changing nothing about the resulting measures.

Go deeper:

From Quiz: ISM / IT-Grundschutz (BSI) | Updated: Jul 14, 2026