Quiz Entry - updated: 2026.07.05
What are the three protection variants (Absicherungsvarianten) of the modernized IT-Grundschutz?
Basis-Absicherung (entry-level minimum), Standard-Absicherung (the certifiable normal level), and Kern-Absicherung (focused protection of the crown jewels).
* The three Absicherungsvarianten — Basis (broad/minimum), Standard (complete), Kern (deep, crown jewels). *
The modernized Grundschutz offers three entry strategies:
- Basis-Absicherung — fundamental first-pass protection across the whole organization; a quick win to reach a minimum level (entry point)
- Standard-Absicherung — corresponds roughly to the classic Grundschutz ("certificate level"); covers normal protection needs and is the basis for certification
- Kern-Absicherung — concentrates on a prioritized sub-area with the most critical assets, often with elevated protection needs (the "crown jewels" first)
Note: a sub-network (Teilverbund) with realized Kern-Absicherung can also be certified — you don't have to secure the entire organization at once to obtain a certificate.
Tip: Three on-ramps to the same highway: broad-but-basic (Basis), complete-and-normal (Standard), narrow-but-deep (Kern).
Go deeper:
BSI-Standard 200-2: IT-Grundschutz-Methodik — Erläutert Basis-, Standard- und Kern-Absicherung direkt aus der Methodik.