Quiz Entry - updated: 2026.06.04
What completeness checks should conclude the IT-Grundschutz modeling?
A final sweep verifying that every aspect — overarching topics, infrastructure, systems, networks, applications, and odd objects — is covered by an appropriate block.
The final modeling step is an explicit completeness check:
- All overarching aspects considered (ISMS, organization, personnel)?
- All buildings, rooms, protective cabinets including cabling covered (infrastructural security)?
- All IT systems included?
- All network-related security aspects covered?
- All applications covered?
- All objects without a directly fitting block adequately modeled using other/similar blocks?
The last point matters in practice: exotic devices (a lab instrument, an IoT gateway) have no dedicated block — you must approximate with the closest fitting blocks rather than silently skipping them. An object that appears in the structure analysis but in no block assignment is an unprotected blind spot.