LOGBOOK

HELP

Quiz Entry - updated: 2026.06.04

What happens in the Modellierung (modeling) step of the IT-Grundschutz analysis?

The recorded information domain is rebuilt using the Grundschutz building blocks: layer by layer, applicable blocks are selected and assigned to their target objects.

Modellierung turns the inventory (from structure analysis) into an IT-Grundschutz model:

  • Work through the layer model of the Kompendium (~85 blocks total)
  • Select per layer those blocks necessary for the security of the information domain (e.g. INF.1 for the building, SYS.1.1 for the server group, OPS.x for operations processes)
  • Assign each selected block to its target object (system group, room, application, the whole organization)
  • Blocks may be modified where needed — e.g. supplemented with additional measures or made technically more concrete

The resulting model is the test plan: it defines exactly which requirements apply to which object — the input for the Basis-Sicherheitscheck.

Tip: Modeling = "instantiating" the generic Kompendium classes onto your concrete objects — like applying templates to assets.

From Quiz: ISM / IT-Grundschutz (BSI) | Updated: Jun 04, 2026